Action not permitted
Modal body text goes here.
cve-2022-26709
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| product-security@apple.com | https://support.apple.com/en-us/HT213253 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/HT213254 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/HT213257 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/HT213258 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/HT213260 | Release Notes, Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213258"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213253"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213254"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213257"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213260"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "8.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-01T00:00:00",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213258"
},
{
"url": "https://support.apple.com/en-us/HT213253"
},
{
"url": "https://support.apple.com/en-us/HT213254"
},
{
"url": "https://support.apple.com/en-us/HT213257"
},
{
"url": "https://support.apple.com/en-us/HT213260"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2022-26709",
"datePublished": "2022-11-01T00:00:00",
"dateReserved": "2022-03-08T00:00:00",
"dateUpdated": "2024-08-03T05:11:44.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-26709\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2022-11-01T20:15:17.340\",\"lastModified\":\"2022-11-03T13:47:46.117\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.\"},{\"lang\":\"es\",\"value\":\"Se solucion\u00f3 un problema de uso despu\u00e9s de la liberaci\u00f3n con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en tvOS 15.5, iOS 15.5 y iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. El procesamiento de contenido web creado con fines malintencionados puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.5\",\"matchCriteriaId\":\"C51165BC-9FC7-4FE0-8049-B431CF6A2DEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.5\",\"matchCriteriaId\":\"5B3F8579-F907-4E15-A4D6-1459A6687594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.5\",\"matchCriteriaId\":\"29151647-DA19-4B1B-B1CD-2E05A712F941\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.4\",\"matchCriteriaId\":\"56A8A170-44A7-4334-88B0-CB4413E28E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.5\",\"matchCriteriaId\":\"4C98BE9E-8463-4CB9-8E42-A68DC0B20BD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.6\",\"matchCriteriaId\":\"E8BAAD78-60FC-4EC3-B727-55F0C0969D6A\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT213253\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213254\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213257\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213258\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213260\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
}
}
wid-sec-w-2022-2044
Vulnerability from csaf_certbund
Published
2022-11-08 23:00
Modified
2024-04-24 22:00
Summary
Red Hat Enterprise Linux: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-2044 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2044.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-2044 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2044"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7447"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7458"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7514"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7548"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7558"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7822"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7622"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7639"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8008 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8008"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7704 vom 2022-11-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-7704.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8431 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8431"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7458 vom 2022-11-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-7458.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7935 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7935"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7950 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7950"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8139 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8139"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8062 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8062"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8054 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8011 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8011"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-8054 vom 2022-11-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-8054.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7822 vom 2022-11-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-7822.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-8431 vom 2022-11-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-8431.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-10031 vom 2022-11-29",
"url": "https://linux.oracle.com/errata/ELSA-2022-10031.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8626 vom 2022-11-29",
"url": "https://access.redhat.com/errata/RHSA-2022:8626"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8781 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202212-02 vom 2022-12-19",
"url": "https://security.gentoo.org/glsa/202212-02"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7398 vom 2023-01-18",
"url": "https://access.redhat.com/errata/RHSA-2022:7398"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1275 vom 2023-03-15",
"url": "https://access.redhat.com/errata/RHSA-2023:1275"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2193 vom 2023-05-09",
"url": "https://access.redhat.com/errata/RHSA-2023:2193"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2758 vom 2023-05-16",
"url": "https://access.redhat.com/errata/RHSA-2023:2758"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2802 vom 2023-05-16",
"url": "https://access.redhat.com/errata/RHSA-2023:2802"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2116 vom 2023-07-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2116.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2468 vom 2024-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2468.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2452 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2452.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASR4-2023-001 vom 2024-01-23",
"url": "https://alas.aws.amazon.com/AL2/ALASR4-2023-001.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2045 vom 2024-04-25",
"url": "https://access.redhat.com/errata/RHSA-2024:2045"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-24T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:38:00.017+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-2044",
"initial_release_date": "2022-11-08T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2022-11-23T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-12-07T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-15T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-09T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-16T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-20T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-01-22T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-02-05T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-02-19T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-04-24T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Red Hat Enterprise Linux 8",
"product_id": "T014111",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T008027",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4048",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2021-4048"
},
{
"cve": "CVE-2021-44269",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2021-44269"
},
{
"cve": "CVE-2022-1049",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-1049"
},
{
"cve": "CVE-2022-21682",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-21682"
},
{
"cve": "CVE-2022-22624",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-22624"
},
{
"cve": "CVE-2022-22628",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-22628"
},
{
"cve": "CVE-2022-22629",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-22629"
},
{
"cve": "CVE-2022-22662",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-22662"
},
{
"cve": "CVE-2022-25308",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-25308"
},
{
"cve": "CVE-2022-25309",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-25309"
},
{
"cve": "CVE-2022-25310",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-25310"
},
{
"cve": "CVE-2022-26700",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-26700"
},
{
"cve": "CVE-2022-26709",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-26709"
},
{
"cve": "CVE-2022-26710",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-26710"
},
{
"cve": "CVE-2022-26716",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-26716"
},
{
"cve": "CVE-2022-26717",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-26717"
},
{
"cve": "CVE-2022-26719",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-26719"
},
{
"cve": "CVE-2022-2989",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-2989"
},
{
"cve": "CVE-2022-2990",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-2990"
},
{
"cve": "CVE-2022-30293",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-30293"
},
{
"cve": "CVE-2022-30698",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-30698"
},
{
"cve": "CVE-2022-30699",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-30699"
},
{
"cve": "CVE-2022-32189",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00.000+00:00",
"title": "CVE-2022-32189"
}
]
}
wid-sec-w-2022-1057
Vulnerability from csaf_certbund
Published
2022-05-16 22:00
Modified
2023-06-21 22:00
Summary
Apple macOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren.
Betroffene Betriebssysteme
- MacOS X
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1057 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1057.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1057 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1057"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213255"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213256"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213257"
},
{
"category": "external",
"summary": "PoC CVE-2022-26726",
"url": "https://github.com/acheong08/CVE-2022-26726-POC"
},
{
"category": "external",
"summary": "CISA: Apple Releases Security Updates",
"url": "https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/apple-releases-security-updates-0"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3118 vom 2022-09-22",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html"
},
{
"category": "external",
"summary": "Wojciech Regula blogpost vom 2022-11-21",
"url": "https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal/"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-21T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:33:27.405+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1057",
"initial_release_date": "2022-05-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-05-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-08-16T22:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "3",
"summary": "CVE Nummern CVE-2022-32790 und CVE-2022-32882 erg\u00e4nzt"
},
{
"date": "2022-09-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-09-25T22:00:00.000+00:00",
"number": "5",
"summary": "Korrektur bzgl. fehlerhaft eingetragenem Debian Update"
},
{
"date": "2022-11-21T23:00:00.000+00:00",
"number": "6",
"summary": "Exploit aufgenommen"
},
{
"date": "2023-06-21T22:00:00.000+00:00",
"number": "7",
"summary": "CVE-2022-32794 erg\u00e4nzt"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Apple macOS Catalina \u003c 2022-004",
"product": {
"name": "Apple macOS Catalina \u003c 2022-004",
"product_id": "T023230",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:catalina__2022-004"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Big Sur \u003c 11.6.6",
"product": {
"name": "Apple macOS Big Sur \u003c 11.6.6",
"product_id": "T023231",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:big_sur__11.6.6"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Monterey \u003c 12.4",
"product": {
"name": "Apple macOS Monterey \u003c 12.4",
"product_id": "T023232",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.4"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32882",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32882"
},
{
"cve": "CVE-2022-32794",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32794"
},
{
"cve": "CVE-2022-32790",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32790"
},
{
"cve": "CVE-2022-26776",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26776"
},
{
"cve": "CVE-2022-26775",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26775"
},
{
"cve": "CVE-2022-26772",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26772"
},
{
"cve": "CVE-2022-26770",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26770"
},
{
"cve": "CVE-2022-26769",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26769"
},
{
"cve": "CVE-2022-26768",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26768"
},
{
"cve": "CVE-2022-26767",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26767"
},
{
"cve": "CVE-2022-26766",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26766"
},
{
"cve": "CVE-2022-26765",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26765"
},
{
"cve": "CVE-2022-26764",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26764"
},
{
"cve": "CVE-2022-26763",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26763"
},
{
"cve": "CVE-2022-26762",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26762"
},
{
"cve": "CVE-2022-26761",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26761"
},
{
"cve": "CVE-2022-26757",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26757"
},
{
"cve": "CVE-2022-26756",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26756"
},
{
"cve": "CVE-2022-26755",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26755"
},
{
"cve": "CVE-2022-26754",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26754"
},
{
"cve": "CVE-2022-26753",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26753"
},
{
"cve": "CVE-2022-26752",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26752"
},
{
"cve": "CVE-2022-26751",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26751"
},
{
"cve": "CVE-2022-26750",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26750"
},
{
"cve": "CVE-2022-26749",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26749"
},
{
"cve": "CVE-2022-26748",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26748"
},
{
"cve": "CVE-2022-26746",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26746"
},
{
"cve": "CVE-2022-26745",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26745"
},
{
"cve": "CVE-2022-26743",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26743"
},
{
"cve": "CVE-2022-26742",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26742"
},
{
"cve": "CVE-2022-26741",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26741"
},
{
"cve": "CVE-2022-26740",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26740"
},
{
"cve": "CVE-2022-26739",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26739"
},
{
"cve": "CVE-2022-26738",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26738"
},
{
"cve": "CVE-2022-26737",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26737"
},
{
"cve": "CVE-2022-26736",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26736"
},
{
"cve": "CVE-2022-26731",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26731"
},
{
"cve": "CVE-2022-26728",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26728"
},
{
"cve": "CVE-2022-26727",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26727"
},
{
"cve": "CVE-2022-26726",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26726"
},
{
"cve": "CVE-2022-26725",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26725"
},
{
"cve": "CVE-2022-26723",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26723"
},
{
"cve": "CVE-2022-26722",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26722"
},
{
"cve": "CVE-2022-26721",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26721"
},
{
"cve": "CVE-2022-26720",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26720"
},
{
"cve": "CVE-2022-26719",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26719"
},
{
"cve": "CVE-2022-26718",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26718"
},
{
"cve": "CVE-2022-26717",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26717"
},
{
"cve": "CVE-2022-26716",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26716"
},
{
"cve": "CVE-2022-26715",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26715"
},
{
"cve": "CVE-2022-26714",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26714"
},
{
"cve": "CVE-2022-26712",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26712"
},
{
"cve": "CVE-2022-26711",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26711"
},
{
"cve": "CVE-2022-26710",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26710"
},
{
"cve": "CVE-2022-26709",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26709"
},
{
"cve": "CVE-2022-26708",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26708"
},
{
"cve": "CVE-2022-26706",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26706"
},
{
"cve": "CVE-2022-26704",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26704"
},
{
"cve": "CVE-2022-26701",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26701"
},
{
"cve": "CVE-2022-26700",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26700"
},
{
"cve": "CVE-2022-26698",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26698"
},
{
"cve": "CVE-2022-26697",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26697"
},
{
"cve": "CVE-2022-26696",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26696"
},
{
"cve": "CVE-2022-26694",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26694"
},
{
"cve": "CVE-2022-26693",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26693"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22677",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22677"
},
{
"cve": "CVE-2022-22675",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22675"
},
{
"cve": "CVE-2022-22674",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22674"
},
{
"cve": "CVE-2022-22665",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22665"
},
{
"cve": "CVE-2022-22663",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22663"
},
{
"cve": "CVE-2022-22589",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-0530",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0530"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2021-46059",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-46059"
},
{
"cve": "CVE-2021-45444",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4187",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4173",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2018-25032"
}
]
}
ghsa-xcg6-3xh5-6m77
Vulnerability from github
Published
2022-11-02 12:00
Modified
2022-11-03 19:00
Severity ?
Details
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2022-26709"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-01T20:15:00Z",
"severity": "HIGH"
},
"details": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GHSA-xcg6-3xh5-6m77",
"modified": "2022-11-03T19:00:28Z",
"published": "2022-11-02T12:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213253"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213254"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213257"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213258"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213260"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2022-26709
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-26709",
"id": "GSD-2022-26709",
"references": [
"https://security.archlinux.org/CVE-2022-26709",
"https://www.debian.org/security/2022/dsa-5154",
"https://www.debian.org/security/2022/dsa-5155",
"https://www.suse.com/security/cve/CVE-2022-26709.html",
"https://ubuntu.com/security/CVE-2022-26709",
"https://access.redhat.com/errata/RHSA-2022:7704",
"https://access.redhat.com/errata/RHSA-2022:8054"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-26709"
],
"details": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GSD-2022-26709",
"modified": "2023-12-13T01:19:39.151747Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-26709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.5"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213258",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213258"
},
{
"name": "https://support.apple.com/en-us/HT213253",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213253"
},
{
"name": "https://support.apple.com/en-us/HT213254",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213254"
},
{
"name": "https://support.apple.com/en-us/HT213257",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213257"
},
{
"name": "https://support.apple.com/en-us/HT213260",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213260"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-26709"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213257",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213257"
},
{
"name": "https://support.apple.com/en-us/HT213254",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213254"
},
{
"name": "https://support.apple.com/en-us/HT213253",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213253"
},
{
"name": "https://support.apple.com/en-us/HT213260",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213260"
},
{
"name": "https://support.apple.com/en-us/HT213258",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213258"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-11-03T13:47Z",
"publishedDate": "2022-11-01T20:15Z"
}
}
}
rhsa-2022_7704
Vulnerability from csaf_redhat
Published
2022-11-08 09:56
Modified
2024-11-22 19:06
Summary
Red Hat Security Advisory: webkit2gtk3 security and bug fix update
Notes
Topic
An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.
Security Fix(es):
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nGLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7704",
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"category": "external",
"summary": "2061994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061994"
},
{
"category": "external",
"summary": "2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "2099334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099334"
},
{
"category": "external",
"summary": "2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7704.json"
}
],
"title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T19:06:55+00:00",
"generator": {
"date": "2024-11-22T19:06:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:7704",
"initial_release_date": "2022-11-08T09:56:52+00:00",
"revision_history": [
{
"date": "2022-11-08T09:56:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-08T09:56:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T19:06:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.src",
"product": {
"name": "glib2-0:2.56.4-159.el8.src",
"product_id": "glib2-0:2.56.4-159.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.src",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.src",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-devel-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-fam-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-tests-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-static-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-static-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-0:2.56.4-159.el8.i686",
"product_id": "glib2-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.i686",
"product_id": "glib2-devel-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.i686",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.i686",
"product_id": "glib2-static-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-devel-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-fam-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-tests-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-static-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-0:2.56.4-159.el8.s390x",
"product_id": "glib2-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.s390x",
"product_id": "glib2-devel-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.s390x",
"product_id": "glib2-fam-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.s390x",
"product_id": "glib2-tests-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.s390x",
"product_id": "glib2-static-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-doc-0:2.56.4-159.el8.noarch",
"product": {
"name": "glib2-doc-0:2.56.4-159.el8.noarch",
"product_id": "glib2-doc-0:2.56.4-159.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-doc@2.56.4-159.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.src",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src"
},
"product_reference": "glib2-0:2.56.4-159.el8.src",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-doc-0:2.56.4-159.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch"
},
"product_reference": "glib2-doc-0:2.56.4-159.el8.noarch",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src"
},
"product_reference": "glib2-0:2.56.4-159.el8.src",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-doc-0:2.56.4-159.el8.noarch as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch"
},
"product_reference": "glib2-doc-0:2.56.4-159.el8.noarch",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22624",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073893"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22624"
},
{
"category": "external",
"summary": "RHBZ#2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22628",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073896"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22628"
},
{
"category": "external",
"summary": "RHBZ#2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22628"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22629",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073899"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Buffer overflow leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22629"
},
{
"category": "external",
"summary": "RHBZ#2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Buffer overflow leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22662",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104787"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22662"
},
{
"category": "external",
"summary": "RHBZ#2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure"
},
{
"cve": "CVE-2022-26700",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092732"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26700"
},
{
"category": "external",
"summary": "RHBZ#2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26709",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092733"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26709"
},
{
"category": "external",
"summary": "RHBZ#2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26709"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26710",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104789"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26710"
},
{
"category": "external",
"summary": "RHBZ#2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26716",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092734"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26716"
},
{
"category": "external",
"summary": "RHBZ#2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26717",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26717"
},
{
"category": "external",
"summary": "RHBZ#2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26719",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092736"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26719"
},
{
"category": "external",
"summary": "RHBZ#2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-30293",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-05-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2082548"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30293"
},
{
"category": "external",
"summary": "RHBZ#2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution"
},
{
"cve": "CVE-2022-32792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238973"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32792"
},
{
"category": "external",
"summary": "RHBZ#2238973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238973"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32792"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution"
},
{
"cve": "CVE-2022-32816",
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238975"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: malicious content may lead to UI spoofing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32816"
},
{
"category": "external",
"summary": "RHBZ#2238975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: malicious content may lead to UI spoofing"
},
{
"cve": "CVE-2022-32891",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2128647"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: UI spoofing while Visiting a website that frames malicious content",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32891"
},
{
"category": "external",
"summary": "RHBZ#2128647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0009.html",
"url": "https://webkitgtk.org/security/WSA-2022-0009.html"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:56:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: UI spoofing while Visiting a website that frames malicious content"
}
]
}
rhsa-2022_8054
Vulnerability from csaf_redhat
Published
2022-11-15 13:26
Modified
2024-11-22 19:07
Summary
Red Hat Security Advisory: webkit2gtk3 security and bug fix update
Notes
Topic
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
Security Fix(es):
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8054",
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"category": "external",
"summary": "2061996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061996"
},
{
"category": "external",
"summary": "2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8054.json"
}
],
"title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T19:07:05+00:00",
"generator": {
"date": "2024-11-22T19:07:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:8054",
"initial_release_date": "2022-11-15T13:26:22+00:00",
"revision_history": [
{
"date": "2022-11-15T13:26:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-15T13:26:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T19:07:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.src",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.src",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.src",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22624",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073893"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22624"
},
{
"category": "external",
"summary": "RHBZ#2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22628",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073896"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22628"
},
{
"category": "external",
"summary": "RHBZ#2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22628"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22629",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073899"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Buffer overflow leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22629"
},
{
"category": "external",
"summary": "RHBZ#2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Buffer overflow leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22662",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104787"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22662"
},
{
"category": "external",
"summary": "RHBZ#2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure"
},
{
"cve": "CVE-2022-26700",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092732"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26700"
},
{
"category": "external",
"summary": "RHBZ#2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26709",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092733"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26709"
},
{
"category": "external",
"summary": "RHBZ#2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26709"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26710",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104789"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26710"
},
{
"category": "external",
"summary": "RHBZ#2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26716",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092734"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26716"
},
{
"category": "external",
"summary": "RHBZ#2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26717",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26717"
},
{
"category": "external",
"summary": "RHBZ#2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26719",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092736"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26719"
},
{
"category": "external",
"summary": "RHBZ#2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-30293",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-05-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2082548"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30293"
},
{
"category": "external",
"summary": "RHBZ#2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution"
},
{
"cve": "CVE-2022-32792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238973"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32792"
},
{
"category": "external",
"summary": "RHBZ#2238973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238973"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32792"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution"
},
{
"cve": "CVE-2022-32816",
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238975"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: malicious content may lead to UI spoofing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32816"
},
{
"category": "external",
"summary": "RHBZ#2238975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: malicious content may lead to UI spoofing"
},
{
"cve": "CVE-2022-32891",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2128647"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: UI spoofing while Visiting a website that frames malicious content",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32891"
},
{
"category": "external",
"summary": "RHBZ#2128647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0009.html",
"url": "https://webkitgtk.org/security/WSA-2022-0009.html"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T13:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: UI spoofing while Visiting a website that frames malicious content"
}
]
}
var-202205-1291
Vulnerability from variot
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple tvOS is a smart TV operating system developed by Apple (Apple). Apple tvOS 15.0 19J346 - 15.4.1 19L452 versions contain a resource management error vulnerability caused by a use-after-free error when handling HTML content in WebKit. A remote attacker could exploit this vulnerability to compromise a vulnerable system.
For the oldstable distribution (buster), these problems have been fixed in version 2.36.3-1~deb10u1.
For the stable distribution (bullseye), these problems have been fixed in version 2.36.3-1~deb11u1.
We recommend that you upgrade your webkit2gtk packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-39
https://security.gentoo.org/
Severity: High Title: WebKitGTK+: Multiple Vulnerabilities Date: August 31, 2022 Bugs: #866494, #864427, #856445, #861740, #837305, #845252, #839984, #833568, #832990 ID: 202208-39
Synopsis
Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.36.7 >= 2.36.7
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.36.7"
References
[ 1 ] CVE-2022-2294 https://nvd.nist.gov/vuln/detail/CVE-2022-2294 [ 2 ] CVE-2022-22589 https://nvd.nist.gov/vuln/detail/CVE-2022-22589 [ 3 ] CVE-2022-22590 https://nvd.nist.gov/vuln/detail/CVE-2022-22590 [ 4 ] CVE-2022-22592 https://nvd.nist.gov/vuln/detail/CVE-2022-22592 [ 5 ] CVE-2022-22620 https://nvd.nist.gov/vuln/detail/CVE-2022-22620 [ 6 ] CVE-2022-22624 https://nvd.nist.gov/vuln/detail/CVE-2022-22624 [ 7 ] CVE-2022-22628 https://nvd.nist.gov/vuln/detail/CVE-2022-22628 [ 8 ] CVE-2022-22629 https://nvd.nist.gov/vuln/detail/CVE-2022-22629 [ 9 ] CVE-2022-22662 https://nvd.nist.gov/vuln/detail/CVE-2022-22662 [ 10 ] CVE-2022-22677 https://nvd.nist.gov/vuln/detail/CVE-2022-22677 [ 11 ] CVE-2022-26700 https://nvd.nist.gov/vuln/detail/CVE-2022-26700 [ 12 ] CVE-2022-26709 https://nvd.nist.gov/vuln/detail/CVE-2022-26709 [ 13 ] CVE-2022-26710 https://nvd.nist.gov/vuln/detail/CVE-2022-26710 [ 14 ] CVE-2022-26716 https://nvd.nist.gov/vuln/detail/CVE-2022-26716 [ 15 ] CVE-2022-26717 https://nvd.nist.gov/vuln/detail/CVE-2022-26717 [ 16 ] CVE-2022-26719 https://nvd.nist.gov/vuln/detail/CVE-2022-26719 [ 17 ] CVE-2022-30293 https://nvd.nist.gov/vuln/detail/CVE-2022-30293 [ 18 ] CVE-2022-30294 https://nvd.nist.gov/vuln/detail/CVE-2022-30294 [ 19 ] CVE-2022-32784 https://nvd.nist.gov/vuln/detail/CVE-2022-32784 [ 20 ] CVE-2022-32792 https://nvd.nist.gov/vuln/detail/CVE-2022-32792 [ 21 ] CVE-2022-32893 https://nvd.nist.gov/vuln/detail/CVE-2022-32893 [ 22 ] WSA-2022-0002 https://webkitgtk.org/security/WSA-2022-0002.html [ 23 ] WSA-2022-0003 https://webkitgtk.org/security/WSA-2022-0003.html [ 24 ] WSA-2022-0007 https://webkitgtk.org/security/WSA-2022-0007.html [ 25 ] WSA-2022-0008 https://webkitgtk.org/security/WSA-2022-0008.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-39
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-05-16-6 tvOS 15.5
tvOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213254.
AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26702: an anonymous researcher
AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-22675: an anonymous researcher
AuthKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A local user may be able to enable iCloud Photos without authentication Description: An authentication issue was addressed with improved state management. CVE-2022-26724: Jorge A. Caballero (@DataDrivenMD)
AVEVideoEncoder Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26736: an anonymous researcher CVE-2022-26737: an anonymous researcher CVE-2022-26738: an anonymous researcher CVE-2022-26739: an anonymous researcher CVE-2022-26740: an anonymous researcher
DriverKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)
ImageIO Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative
IOKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab
IOMobileFrameBuffer Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26768: an anonymous researcher
IOSurfaceAccelerator Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26771: an anonymous researcher
Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg)
Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26757: Ned Williamson of Google Project Zero
Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: A memory corruption issue was addressed with improved validation. CVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)
Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with improved state handling. CVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)
LaunchServices Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions on third-party applications. CVE-2022-26706: Arsenii Kostromin (0x3c3e)
libxml2 Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-23308
Security Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks. CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)
WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 238178 CVE-2022-26700: ryuzaki
WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 236950 CVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab WebKit Bugzilla: 237475 CVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab WebKit Bugzilla: 238171 CVE-2022-26717: Jeonghoon Shin of Theori
WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 238183 CVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab WebKit Bugzilla: 238699 CVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech
Wi-Fi Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A malicious application may disclose restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2022-26745: an anonymous researcher
Additional recognition
AppleMobileFileIntegrity We would like to acknowledge Wojciech Reguła (@_r3ggi) of SecuRing for their assistance.
WebKit We would like to acknowledge James Lee, an anonymous researcher for their assistance.
Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TcACgkQeC9qKD1p rhiw7BAAy82XZ2+vjnjFB1FrZ7ZnKtM4pz8MMpX4ZTD2ytgkwXi0qnyzBdMe/w4p zrpedL4p/RfdDOiM/4kWBtiH62qetiXDcE8tBqN8WTE9rf55cX4jlXrHASohFI2q ErkAjo51j2fg8S7a+luyaZWzBUZqlghtzWjtFgaHOQAP5dDf+He92kDerbrIDQw9 dg0nL4os0VFgWdX0EtFC7umK8iiTFbvtoEbLDLFODWweaJN8LOP/LHe71YzAryKg Dh9ItWqVdzkCOKWR8F96NnoBs7c6B4naqQkS4k2F/m6C6ckPb8LI18ss7oiD3eMB k7oo7+u1zQFRKmk0XlfH7awxtEHjYjjw3LT8ko9QJ8mEuspxoiwW7n1mINWa7Khp YoCe88xR06kfti4h6MJDSN6JpxSnikEyJzR4j4xGL6rWjqCj+XV9ejrt9EgF8BL2 JZ+Oceoh23m7IqVoMe1Hzjf1X3nsxXJQEg/xxRwHRknAjSNtVJUKhT4/ioOc9pu6 TROAHYdSO5yRLNUNpj9RlkBeDbXtiWgA2IEg0wcUPzwf3Uzt2Qw9zBFbMb1hPSht 7zTIOtF4Ub+MD6cFuHbC7hL58pRmA4FzEczLG81BoGGaFOCD2QDt0/ySTFr1M+YD g2L2PlZNgxd0zetkTkZbvAwroMUTRSi1GqxAhVeKwbvW4XAN+yc= =G3ho -----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security update Advisory ID: RHSA-2022:8781-01 Product: Logging Subsystem for Red Hat OpenShift Advisory URL: https://access.redhat.com/errata/RHSA-2022:8781 Issue date: 2022-12-08 CVE Names: CVE-2016-3709 CVE-2020-35525 CVE-2020-35527 CVE-2020-36516 CVE-2020-36518 CVE-2020-36558 CVE-2021-3640 CVE-2021-30002 CVE-2022-0168 CVE-2022-0561 CVE-2022-0562 CVE-2022-0617 CVE-2022-0854 CVE-2022-0865 CVE-2022-0891 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-1016 CVE-2022-1048 CVE-2022-1055 CVE-2022-1184 CVE-2022-1292 CVE-2022-1304 CVE-2022-1355 CVE-2022-1586 CVE-2022-1785 CVE-2022-1852 CVE-2022-1897 CVE-2022-1927 CVE-2022-2068 CVE-2022-2078 CVE-2022-2097 CVE-2022-2509 CVE-2022-2586 CVE-2022-2639 CVE-2022-2879 CVE-2022-2880 CVE-2022-2938 CVE-2022-3515 CVE-2022-20368 CVE-2022-21499 CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-22844 CVE-2022-23960 CVE-2022-24448 CVE-2022-25255 CVE-2022-26373 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 CVE-2022-27664 CVE-2022-27950 CVE-2022-28390 CVE-2022-28893 CVE-2022-29581 CVE-2022-30293 CVE-2022-32189 CVE-2022-34903 CVE-2022-36946 CVE-2022-37434 CVE-2022-37603 CVE-2022-39399 CVE-2022-41715 CVE-2022-42003 CVE-2022-42004 =====================================================================
- Summary:
Logging Subsystem 5.5.5 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Logging Subsystem 5.5.5 - Red Hat OpenShift
Security Fixe(s):
-
jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
-
golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
-
golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879, CVE-2022-2880, CVE-2022-41715)
-
jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
-
jackson-databind: use of deeply nested arrays (CVE-2022-42004)
-
loader-utils: Regular expression denial of service (CVE-2022-37603)
-
golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
For Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:
https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html
- Bugs fixed (https://bugzilla.redhat.com/):
2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays 2140597 - CVE-2022-37603 loader-utils:Regular expression denial of service
- JIRA issues fixed (https://issues.jboss.org/):
LOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster LOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch LOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn't support multiple CAs LOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types. LOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value LOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed LOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue LOG-3310 - [release-5.5] Can't choose correct CA ConfigMap Key when creating lokistack in Console LOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config
- References:
https://access.redhat.com/security/cve/CVE-2016-3709 https://access.redhat.com/security/cve/CVE-2020-35525 https://access.redhat.com/security/cve/CVE-2020-35527 https://access.redhat.com/security/cve/CVE-2020-36516 https://access.redhat.com/security/cve/CVE-2020-36518 https://access.redhat.com/security/cve/CVE-2020-36558 https://access.redhat.com/security/cve/CVE-2021-3640 https://access.redhat.com/security/cve/CVE-2021-30002 https://access.redhat.com/security/cve/CVE-2022-0168 https://access.redhat.com/security/cve/CVE-2022-0561 https://access.redhat.com/security/cve/CVE-2022-0562 https://access.redhat.com/security/cve/CVE-2022-0617 https://access.redhat.com/security/cve/CVE-2022-0854 https://access.redhat.com/security/cve/CVE-2022-0865 https://access.redhat.com/security/cve/CVE-2022-0891 https://access.redhat.com/security/cve/CVE-2022-0908 https://access.redhat.com/security/cve/CVE-2022-0909 https://access.redhat.com/security/cve/CVE-2022-0924 https://access.redhat.com/security/cve/CVE-2022-1016 https://access.redhat.com/security/cve/CVE-2022-1048 https://access.redhat.com/security/cve/CVE-2022-1055 https://access.redhat.com/security/cve/CVE-2022-1184 https://access.redhat.com/security/cve/CVE-2022-1292 https://access.redhat.com/security/cve/CVE-2022-1304 https://access.redhat.com/security/cve/CVE-2022-1355 https://access.redhat.com/security/cve/CVE-2022-1586 https://access.redhat.com/security/cve/CVE-2022-1785 https://access.redhat.com/security/cve/CVE-2022-1852 https://access.redhat.com/security/cve/CVE-2022-1897 https://access.redhat.com/security/cve/CVE-2022-1927 https://access.redhat.com/security/cve/CVE-2022-2068 https://access.redhat.com/security/cve/CVE-2022-2078 https://access.redhat.com/security/cve/CVE-2022-2097 https://access.redhat.com/security/cve/CVE-2022-2509 https://access.redhat.com/security/cve/CVE-2022-2586 https://access.redhat.com/security/cve/CVE-2022-2639 https://access.redhat.com/security/cve/CVE-2022-2879 https://access.redhat.com/security/cve/CVE-2022-2880 https://access.redhat.com/security/cve/CVE-2022-2938 https://access.redhat.com/security/cve/CVE-2022-3515 https://access.redhat.com/security/cve/CVE-2022-20368 https://access.redhat.com/security/cve/CVE-2022-21499 https://access.redhat.com/security/cve/CVE-2022-21618 https://access.redhat.com/security/cve/CVE-2022-21619 https://access.redhat.com/security/cve/CVE-2022-21624 https://access.redhat.com/security/cve/CVE-2022-21626 https://access.redhat.com/security/cve/CVE-2022-21628 https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-22844 https://access.redhat.com/security/cve/CVE-2022-23960 https://access.redhat.com/security/cve/CVE-2022-24448 https://access.redhat.com/security/cve/CVE-2022-25255 https://access.redhat.com/security/cve/CVE-2022-26373 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-27404 https://access.redhat.com/security/cve/CVE-2022-27405 https://access.redhat.com/security/cve/CVE-2022-27406 https://access.redhat.com/security/cve/CVE-2022-27664 https://access.redhat.com/security/cve/CVE-2022-27950 https://access.redhat.com/security/cve/CVE-2022-28390 https://access.redhat.com/security/cve/CVE-2022-28893 https://access.redhat.com/security/cve/CVE-2022-29581 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/cve/CVE-2022-32189 https://access.redhat.com/security/cve/CVE-2022-34903 https://access.redhat.com/security/cve/CVE-2022-36946 https://access.redhat.com/security/cve/CVE-2022-37434 https://access.redhat.com/security/cve/CVE-2022-37603 https://access.redhat.com/security/cve/CVE-2022-39399 https://access.redhat.com/security/cve/CVE-2022-41715 https://access.redhat.com/security/cve/CVE-2022-42003 https://access.redhat.com/security/cve/CVE-2022-42004 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. Description:
Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Security fixes:
- CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
- CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
- CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
- CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
Bugs addressed:
- subctl diagnose firewall metrics does not work on merged kubeconfig (BZ# 2013711)
- [Submariner] - Fails to increase gateway amount after deployment (BZ# 2097381)
- Submariner gateway node does not get deleted with subctl cloud cleanup command (BZ# 2108634)
- submariner GW pods are unable to resolve the DNS of the Broker K8s API URL (BZ# 2119362)
- Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack (BZ# 2124219)
- unable to run subctl benchmark latency, pods fail with ImagePullBackOff (BZ# 2130326)
- [IBM Z] - Submariner addon unistallation doesnt work from ACM console (BZ# 2136442)
- Tags on AWS security group for gateway node break cloud-controller LoadBalancer (BZ# 2139477)
- RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)
- Submariner OVN support (ACM-1358)
- Submariner Azure Console support (ACM-1388)
- ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)
- Submariner on disconnected ACM #22000 (ACM-1678)
- Submariner gateway: Error creating AWS security group if already exists (ACM-2055)
- Submariner gateway security group in AWS not deleted when uninstalling submariner (ACM-2057)
- The submariner-metrics-proxy pod pulls an image with wrong naming convention (ACM-2058)
- The submariner-metrics-proxy pod is not part of the Agent readiness check (ACM-2067)
- Subctl 0.14.0 prints version "vsubctl" (ACM-2132)
- managedclusters "local-cluster" not found and missing Submariner Broker CRD (ACM-2145)
- Add support of ARO to Submariner deployment (ACM-2150)
- The e2e tests execution fails for "Basic TCP connectivity" tests (ACM-2204)
- Gateway error shown "diagnose all" tests (ACM-2206)
- Submariner does not support cluster "kube-proxy ipvs mode"(ACM-2211)
- Vsphere cluster shows Pod Security admission controller warnings (ACM-2256)
- Cannot use submariner with OSP and self signed certs (ACM-2274)
- Subctl diagnose tests spawn nettest image with wrong tag nameing convention (ACM-2387)
-
Subctl 0.14.1 prints version "devel" (ACM-2482)
-
Bugs fixed (https://bugzilla.redhat.com/):
2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig 2097381 - [Submariner] - Fails to increase gateway amount after deployment 2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command 2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL 2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console 2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
- JIRA issues fixed (https://issues.jboss.org/):
ACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner) ACM-2055 - Submariner gateway: Error creating AWS security group if already exists ACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner ACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention ACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check ACM-2132 - Subctl 0.14.0 prints version "vsubctl" ACM-2145 - managedclusters "local-cluster" not found and missing Submariner Broker CRD ACM-2150 - Add support of ARO to Submariner deployment ACM-2204 - [Submariner] - e2e tests execution fails for "Basic TCP connectivity" tests ACM-2206 - [Submariner] - Gateway error shown "diagnose all" tests ACM-2211 - [Submariner] - Submariner does not support cluster "kube-proxy ipvs mode" ACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings ACM-2274 - Cannot use submariner with OSP and self signed certs ACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention ACM-2482 - Subctl 0.14.1 prints version "devel"
- Description:
Service Binding manages the data plane for applications and backing services. Bugs fixed (https://bugzilla.redhat.com/):
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
- Description:
Red Hat Advanced Cluster Management for Kubernetes 2.6.3 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/
Bugs addressed:
-
clusters belong to global clusterset is not selected by placement when rescheduling (BZ# 2129679)
-
RHACM 2.6.3 images (BZ# 2139085)
Security fixes:
-
CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function Security
-
CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
-
Bugs fixed (https://bugzilla.redhat.com/):
2129679 - clusters belong to global clusterset is not selected by placement when rescheduling 2134609 - CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function 2139085 - RHACM 2.6.3 images 2149181 - CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
- Summary:
The Migration Toolkit for Containers (MTC) 1.7.6 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
-
golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)
-
golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
-
golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)
-
golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)
-
golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
-
golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)
-
golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
-
golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)
-
golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Solution:
For details on how to install and use MTC, refer to:
https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html
- Bugs fixed (https://bugzilla.redhat.com/):
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob 2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header 2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions 2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob 2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode 2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip 2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal 2132957 - Migration fails at UnQuiesceDestApplications step in OCP 4.12 2137304 - Location for host cluster is missing in the UI 2140208 - When editing a MigHook in the UI, the page may fail to reload 2143628 - Unable to create Storage Class Conversion plan due to missing cronjob error in OCP 4.12 2143872 - Namespaces page in web console stuck in loading phase 2149920 - Migration fails at prebackupHooks step
- JIRA issues fixed (https://issues.jboss.org/):
MIG-1240 - Implement proposed changes for DVM support with PSAs in 4.12
6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.5"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0.0"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.5"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.5"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "8.6"
},
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.5"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170242"
},
{
"db": "PACKETSTORM",
"id": "170243"
}
],
"trust": 0.5
},
"cve": "CVE-2022-26709",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-26709",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-26709",
"trust": 1.0,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple tvOS is a smart TV operating system developed by Apple (Apple). Apple tvOS 15.0 19J346 - 15.4.1 19L452 versions contain a resource management error vulnerability caused by a use-after-free error when handling HTML content in WebKit. A remote attacker could exploit this vulnerability to compromise a vulnerable system. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 2.36.3-1~deb10u1. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.36.3-1~deb11u1. \n\nWe recommend that you upgrade your webkit2gtk packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-39\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: WebKitGTK+: Multiple Vulnerabilities\n Date: August 31, 2022\n Bugs: #866494, #864427, #856445, #861740, #837305, #845252, #839984, #833568, #832990\n ID: 202208-39\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been found in WebkitGTK+, the worst of\nwhich could result in the arbitrary execution of code. \n\nBackground\n=========\nWebKitGTK+ is a full-featured port of the WebKit rendering engine,\nsuitable for projects requiring any kind of web integration, from hybrid\nHTML/CSS applications to full-fledged web browsers. \n\nAffected packages\n================\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk \u003c 2.36.7 \u003e= 2.36.7\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll WebKitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/webkit-gtk-2.36.7\"\n\nReferences\n=========\n[ 1 ] CVE-2022-2294\n https://nvd.nist.gov/vuln/detail/CVE-2022-2294\n[ 2 ] CVE-2022-22589\n https://nvd.nist.gov/vuln/detail/CVE-2022-22589\n[ 3 ] CVE-2022-22590\n https://nvd.nist.gov/vuln/detail/CVE-2022-22590\n[ 4 ] CVE-2022-22592\n https://nvd.nist.gov/vuln/detail/CVE-2022-22592\n[ 5 ] CVE-2022-22620\n https://nvd.nist.gov/vuln/detail/CVE-2022-22620\n[ 6 ] CVE-2022-22624\n https://nvd.nist.gov/vuln/detail/CVE-2022-22624\n[ 7 ] CVE-2022-22628\n https://nvd.nist.gov/vuln/detail/CVE-2022-22628\n[ 8 ] CVE-2022-22629\n https://nvd.nist.gov/vuln/detail/CVE-2022-22629\n[ 9 ] CVE-2022-22662\n https://nvd.nist.gov/vuln/detail/CVE-2022-22662\n[ 10 ] CVE-2022-22677\n https://nvd.nist.gov/vuln/detail/CVE-2022-22677\n[ 11 ] CVE-2022-26700\n https://nvd.nist.gov/vuln/detail/CVE-2022-26700\n[ 12 ] CVE-2022-26709\n https://nvd.nist.gov/vuln/detail/CVE-2022-26709\n[ 13 ] CVE-2022-26710\n https://nvd.nist.gov/vuln/detail/CVE-2022-26710\n[ 14 ] CVE-2022-26716\n https://nvd.nist.gov/vuln/detail/CVE-2022-26716\n[ 15 ] CVE-2022-26717\n https://nvd.nist.gov/vuln/detail/CVE-2022-26717\n[ 16 ] CVE-2022-26719\n https://nvd.nist.gov/vuln/detail/CVE-2022-26719\n[ 17 ] CVE-2022-30293\n https://nvd.nist.gov/vuln/detail/CVE-2022-30293\n[ 18 ] CVE-2022-30294\n https://nvd.nist.gov/vuln/detail/CVE-2022-30294\n[ 19 ] CVE-2022-32784\n https://nvd.nist.gov/vuln/detail/CVE-2022-32784\n[ 20 ] CVE-2022-32792\n https://nvd.nist.gov/vuln/detail/CVE-2022-32792\n[ 21 ] CVE-2022-32893\n https://nvd.nist.gov/vuln/detail/CVE-2022-32893\n[ 22 ] WSA-2022-0002\n https://webkitgtk.org/security/WSA-2022-0002.html\n[ 23 ] WSA-2022-0003\n https://webkitgtk.org/security/WSA-2022-0003.html\n[ 24 ] WSA-2022-0007\n https://webkitgtk.org/security/WSA-2022-0007.html\n[ 25 ] WSA-2022-0008\n https://webkitgtk.org/security/WSA-2022-0008.html\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-39\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-05-16-6 tvOS 15.5\n\ntvOS 15.5 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213254. \n\nAppleAVD\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-26702: an anonymous researcher\n\nAppleAVD\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges. Apple is aware of a report that this issue may\nhave been actively exploited. \nCVE-2022-22675: an anonymous researcher\n\nAuthKit\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A local user may be able to enable iCloud Photos without\nauthentication\nDescription: An authentication issue was addressed with improved\nstate management. \nCVE-2022-26724: Jorge A. Caballero (@DataDrivenMD)\n\nAVEVideoEncoder\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26736: an anonymous researcher\nCVE-2022-26737: an anonymous researcher\nCVE-2022-26738: an anonymous researcher\nCVE-2022-26739: an anonymous researcher\nCVE-2022-26740: an anonymous researcher\n\nDriverKit\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith system privileges\nDescription: An out-of-bounds access issue was addressed with\nimproved bounds checking. \nCVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)\n\nImageIO\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow was addressed with improved input\nvalidation. \nCVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend\nMicro Zero Day Initiative\n\nIOKit\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A race condition was addressed with improved locking. \nCVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab\n\nIOMobileFrameBuffer\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-26768: an anonymous researcher\n\nIOSurfaceAccelerator\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-26771: an anonymous researcher\n\nKernel\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26714: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs\n(@starlabs_sg)\n\nKernel\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-26757: Ned Williamson of Google Project Zero\n\nKernel\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: An attacker that has already achieved kernel code execution\nmay be able to bypass kernel memory mitigations\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)\n\nKernel\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A malicious attacker with arbitrary read and write capability\nmay be able to bypass Pointer Authentication\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)\n\nLaunchServices\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions on third-party applications. \nCVE-2022-26706: Arsenii Kostromin (0x3c3e)\n\nlibxml2\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-23308\n\nSecurity\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A malicious app may be able to bypass signature validation\nDescription: A certificate parsing issue was addressed with improved\nchecks. \nCVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)\n\nWebKit\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: Processing maliciously crafted web content may lead to code\nexecution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nWebKit Bugzilla: 238178\nCVE-2022-26700: ryuzaki\n\nWebKit\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nWebKit Bugzilla: 236950\nCVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua\nwingtecher lab\nWebKit Bugzilla: 237475\nCVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua\nwingtecher lab\nWebKit Bugzilla: 238171\nCVE-2022-26717: Jeonghoon Shin of Theori\n\nWebKit\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nWebKit Bugzilla: 238183\nCVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab\nWebKit Bugzilla: 238699\nCVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech\n\nWi-Fi\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple\nTV HD\nImpact: A malicious application may disclose restricted memory\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26745: an anonymous researcher\n\nAdditional recognition\n\nAppleMobileFileIntegrity\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing\nfor their assistance. \n\nWebKit\nWe would like to acknowledge James Lee, an anonymous researcher for\ntheir assistance. \n\nApple TV will periodically check for software updates. Alternatively,\nyou may manually check for software updates by selecting \"Settings -\u003e\nSystem -\u003e Software Update -\u003e Update Software.\" To check the current\nversion of software, select \"Settings -\u003e General -\u003e About.\"\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TcACgkQeC9qKD1p\nrhiw7BAAy82XZ2+vjnjFB1FrZ7ZnKtM4pz8MMpX4ZTD2ytgkwXi0qnyzBdMe/w4p\nzrpedL4p/RfdDOiM/4kWBtiH62qetiXDcE8tBqN8WTE9rf55cX4jlXrHASohFI2q\nErkAjo51j2fg8S7a+luyaZWzBUZqlghtzWjtFgaHOQAP5dDf+He92kDerbrIDQw9\ndg0nL4os0VFgWdX0EtFC7umK8iiTFbvtoEbLDLFODWweaJN8LOP/LHe71YzAryKg\nDh9ItWqVdzkCOKWR8F96NnoBs7c6B4naqQkS4k2F/m6C6ckPb8LI18ss7oiD3eMB\nk7oo7+u1zQFRKmk0XlfH7awxtEHjYjjw3LT8ko9QJ8mEuspxoiwW7n1mINWa7Khp\nYoCe88xR06kfti4h6MJDSN6JpxSnikEyJzR4j4xGL6rWjqCj+XV9ejrt9EgF8BL2\nJZ+Oceoh23m7IqVoMe1Hzjf1X3nsxXJQEg/xxRwHRknAjSNtVJUKhT4/ioOc9pu6\nTROAHYdSO5yRLNUNpj9RlkBeDbXtiWgA2IEg0wcUPzwf3Uzt2Qw9zBFbMb1hPSht\n7zTIOtF4Ub+MD6cFuHbC7hL58pRmA4FzEczLG81BoGGaFOCD2QDt0/ySTFr1M+YD\ng2L2PlZNgxd0zetkTkZbvAwroMUTRSi1GqxAhVeKwbvW4XAN+yc=\n=G3ho\n-----END PGP SIGNATURE-----\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security update\nAdvisory ID: RHSA-2022:8781-01\nProduct: Logging Subsystem for Red Hat OpenShift\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:8781\nIssue date: 2022-12-08\nCVE Names: CVE-2016-3709 CVE-2020-35525 CVE-2020-35527 \n CVE-2020-36516 CVE-2020-36518 CVE-2020-36558 \n CVE-2021-3640 CVE-2021-30002 CVE-2022-0168 \n CVE-2022-0561 CVE-2022-0562 CVE-2022-0617 \n CVE-2022-0854 CVE-2022-0865 CVE-2022-0891 \n CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 \n CVE-2022-1016 CVE-2022-1048 CVE-2022-1055 \n CVE-2022-1184 CVE-2022-1292 CVE-2022-1304 \n CVE-2022-1355 CVE-2022-1586 CVE-2022-1785 \n CVE-2022-1852 CVE-2022-1897 CVE-2022-1927 \n CVE-2022-2068 CVE-2022-2078 CVE-2022-2097 \n CVE-2022-2509 CVE-2022-2586 CVE-2022-2639 \n CVE-2022-2879 CVE-2022-2880 CVE-2022-2938 \n CVE-2022-3515 CVE-2022-20368 CVE-2022-21499 \n CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 \n CVE-2022-21626 CVE-2022-21628 CVE-2022-22624 \n CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 \n CVE-2022-22844 CVE-2022-23960 CVE-2022-24448 \n CVE-2022-25255 CVE-2022-26373 CVE-2022-26700 \n CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 \n CVE-2022-26717 CVE-2022-26719 CVE-2022-27404 \n CVE-2022-27405 CVE-2022-27406 CVE-2022-27664 \n CVE-2022-27950 CVE-2022-28390 CVE-2022-28893 \n CVE-2022-29581 CVE-2022-30293 CVE-2022-32189 \n CVE-2022-34903 CVE-2022-36946 CVE-2022-37434 \n CVE-2022-37603 CVE-2022-39399 CVE-2022-41715 \n CVE-2022-42003 CVE-2022-42004 \n=====================================================================\n\n1. Summary:\n\nLogging Subsystem 5.5.5 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nLogging Subsystem 5.5.5 - Red Hat OpenShift\n\nSecurity Fixe(s):\n\n* jackson-databind: denial of service via a large depth of nested\nobjects (CVE-2020-36518)\n\n* golang: net/http: handle server errors after sending GOAWAY\n(CVE-2022-27664)\n\n* golang: archive/tar: unbounded memory consumption when reading headers\n(CVE-2022-2879, CVE-2022-2880, CVE-2022-41715)\n\n* jackson-databind: deep wrapper array nesting wrt\nUNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* loader-utils: Regular expression denial of service (CVE-2022-37603)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the\nencoded message is too short, potentially allowing a denial of service\n(CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n3. Solution:\n\nFor OpenShift Container Platform 4.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply\nthis update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects\n2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service\n2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers\n2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays\n2140597 - CVE-2022-37603 loader-utils:Regular expression denial of service\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster\nLOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch\nLOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn\u0027t support multiple CAs\nLOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated. \nLOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types. \nLOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value\nLOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed\nLOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue\nLOG-3310 - [release-5.5] Can\u0027t choose correct CA ConfigMap Key when creating lokistack in Console\nLOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config\n\n6. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-3709\nhttps://access.redhat.com/security/cve/CVE-2020-35525\nhttps://access.redhat.com/security/cve/CVE-2020-35527\nhttps://access.redhat.com/security/cve/CVE-2020-36516\nhttps://access.redhat.com/security/cve/CVE-2020-36518\nhttps://access.redhat.com/security/cve/CVE-2020-36558\nhttps://access.redhat.com/security/cve/CVE-2021-3640\nhttps://access.redhat.com/security/cve/CVE-2021-30002\nhttps://access.redhat.com/security/cve/CVE-2022-0168\nhttps://access.redhat.com/security/cve/CVE-2022-0561\nhttps://access.redhat.com/security/cve/CVE-2022-0562\nhttps://access.redhat.com/security/cve/CVE-2022-0617\nhttps://access.redhat.com/security/cve/CVE-2022-0854\nhttps://access.redhat.com/security/cve/CVE-2022-0865\nhttps://access.redhat.com/security/cve/CVE-2022-0891\nhttps://access.redhat.com/security/cve/CVE-2022-0908\nhttps://access.redhat.com/security/cve/CVE-2022-0909\nhttps://access.redhat.com/security/cve/CVE-2022-0924\nhttps://access.redhat.com/security/cve/CVE-2022-1016\nhttps://access.redhat.com/security/cve/CVE-2022-1048\nhttps://access.redhat.com/security/cve/CVE-2022-1055\nhttps://access.redhat.com/security/cve/CVE-2022-1184\nhttps://access.redhat.com/security/cve/CVE-2022-1292\nhttps://access.redhat.com/security/cve/CVE-2022-1304\nhttps://access.redhat.com/security/cve/CVE-2022-1355\nhttps://access.redhat.com/security/cve/CVE-2022-1586\nhttps://access.redhat.com/security/cve/CVE-2022-1785\nhttps://access.redhat.com/security/cve/CVE-2022-1852\nhttps://access.redhat.com/security/cve/CVE-2022-1897\nhttps://access.redhat.com/security/cve/CVE-2022-1927\nhttps://access.redhat.com/security/cve/CVE-2022-2068\nhttps://access.redhat.com/security/cve/CVE-2022-2078\nhttps://access.redhat.com/security/cve/CVE-2022-2097\nhttps://access.redhat.com/security/cve/CVE-2022-2509\nhttps://access.redhat.com/security/cve/CVE-2022-2586\nhttps://access.redhat.com/security/cve/CVE-2022-2639\nhttps://access.redhat.com/security/cve/CVE-2022-2879\nhttps://access.redhat.com/security/cve/CVE-2022-2880\nhttps://access.redhat.com/security/cve/CVE-2022-2938\nhttps://access.redhat.com/security/cve/CVE-2022-3515\nhttps://access.redhat.com/security/cve/CVE-2022-20368\nhttps://access.redhat.com/security/cve/CVE-2022-21499\nhttps://access.redhat.com/security/cve/CVE-2022-21618\nhttps://access.redhat.com/security/cve/CVE-2022-21619\nhttps://access.redhat.com/security/cve/CVE-2022-21624\nhttps://access.redhat.com/security/cve/CVE-2022-21626\nhttps://access.redhat.com/security/cve/CVE-2022-21628\nhttps://access.redhat.com/security/cve/CVE-2022-22624\nhttps://access.redhat.com/security/cve/CVE-2022-22628\nhttps://access.redhat.com/security/cve/CVE-2022-22629\nhttps://access.redhat.com/security/cve/CVE-2022-22662\nhttps://access.redhat.com/security/cve/CVE-2022-22844\nhttps://access.redhat.com/security/cve/CVE-2022-23960\nhttps://access.redhat.com/security/cve/CVE-2022-24448\nhttps://access.redhat.com/security/cve/CVE-2022-25255\nhttps://access.redhat.com/security/cve/CVE-2022-26373\nhttps://access.redhat.com/security/cve/CVE-2022-26700\nhttps://access.redhat.com/security/cve/CVE-2022-26709\nhttps://access.redhat.com/security/cve/CVE-2022-26710\nhttps://access.redhat.com/security/cve/CVE-2022-26716\nhttps://access.redhat.com/security/cve/CVE-2022-26717\nhttps://access.redhat.com/security/cve/CVE-2022-26719\nhttps://access.redhat.com/security/cve/CVE-2022-27404\nhttps://access.redhat.com/security/cve/CVE-2022-27405\nhttps://access.redhat.com/security/cve/CVE-2022-27406\nhttps://access.redhat.com/security/cve/CVE-2022-27664\nhttps://access.redhat.com/security/cve/CVE-2022-27950\nhttps://access.redhat.com/security/cve/CVE-2022-28390\nhttps://access.redhat.com/security/cve/CVE-2022-28893\nhttps://access.redhat.com/security/cve/CVE-2022-29581\nhttps://access.redhat.com/security/cve/CVE-2022-30293\nhttps://access.redhat.com/security/cve/CVE-2022-32189\nhttps://access.redhat.com/security/cve/CVE-2022-34903\nhttps://access.redhat.com/security/cve/CVE-2022-36946\nhttps://access.redhat.com/security/cve/CVE-2022-37434\nhttps://access.redhat.com/security/cve/CVE-2022-37603\nhttps://access.redhat.com/security/cve/CVE-2022-39399\nhttps://access.redhat.com/security/cve/CVE-2022-41715\nhttps://access.redhat.com/security/cve/CVE-2022-42003\nhttps://access.redhat.com/security/cve/CVE-2022-42004\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. Description:\n\nSubmariner enables direct networking between pods and services on different\nKubernetes clusters that are either on-premises or in the cloud. \n\nFor more information about Submariner, see the Submariner open source\ncommunity website at: https://submariner.io/. \n\nSecurity fixes:\n\n* CVE-2022-27664 golang: net/http: handle server errors after sending\nGOAWAY\n* CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward\nunparseable query parameters\n* CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing\nregexps\n* CVE-2022-41717 golang: net/http: An attacker can cause excessive memory\ngrowth in a Go server accepting HTTP/2 requests\n\nBugs addressed:\n\n* subctl diagnose firewall metrics does not work on merged kubeconfig (BZ#\n2013711)\n* [Submariner] - Fails to increase gateway amount after deployment (BZ#\n2097381)\n* Submariner gateway node does not get deleted with subctl cloud cleanup\ncommand (BZ# 2108634)\n* submariner GW pods are unable to resolve the DNS of the Broker K8s API\nURL (BZ# 2119362)\n* Submariner gateway node does not get deployed after applying\nManagedClusterAddOn on Openstack (BZ# 2124219)\n* unable to run subctl benchmark latency, pods fail with ImagePullBackOff\n(BZ# 2130326)\n* [IBM Z] - Submariner addon unistallation doesnt work from ACM console\n(BZ# 2136442)\n* Tags on AWS security group for gateway node break cloud-controller\nLoadBalancer (BZ# 2139477)\n* RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)\n* Submariner OVN support (ACM-1358)\n* Submariner Azure Console support (ACM-1388)\n* ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)\n* Submariner on disconnected ACM #22000 (ACM-1678)\n* Submariner gateway: Error creating AWS security group if already exists\n(ACM-2055)\n* Submariner gateway security group in AWS not deleted when uninstalling\nsubmariner (ACM-2057)\n* The submariner-metrics-proxy pod pulls an image with wrong naming\nconvention (ACM-2058)\n* The submariner-metrics-proxy pod is not part of the Agent readiness check\n(ACM-2067)\n* Subctl 0.14.0 prints version \"vsubctl\" (ACM-2132)\n* managedclusters \"local-cluster\" not found and missing Submariner Broker\nCRD (ACM-2145)\n* Add support of ARO to Submariner deployment (ACM-2150)\n* The e2e tests execution fails for \"Basic TCP connectivity\" tests\n(ACM-2204)\n* Gateway error shown \"diagnose all\" tests (ACM-2206)\n* Submariner does not support cluster \"kube-proxy ipvs mode\"(ACM-2211)\n* Vsphere cluster shows Pod Security admission controller warnings\n(ACM-2256)\n* Cannot use submariner with OSP and self signed certs (ACM-2274)\n* Subctl diagnose tests spawn nettest image with wrong tag nameing\nconvention (ACM-2387)\n* Subctl 0.14.1 prints version \"devel\" (ACM-2482)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig\n2097381 - [Submariner] - Fails to increase gateway amount after deployment\n2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command\n2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL\n2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack\n2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff\n2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console\n2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner)\nACM-2055 - Submariner gateway: Error creating AWS security group if already exists\nACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner\nACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention\nACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check\nACM-2132 - Subctl 0.14.0 prints version \"vsubctl\"\nACM-2145 - managedclusters \"local-cluster\" not found and missing Submariner Broker CRD\nACM-2150 - Add support of ARO to Submariner deployment\nACM-2204 - [Submariner] - e2e tests execution fails for \"Basic TCP connectivity\" tests\nACM-2206 - [Submariner] - Gateway error shown \"diagnose all\" tests\nACM-2211 - [Submariner] - Submariner does not support cluster \"kube-proxy ipvs mode\"\nACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings\nACM-2274 - Cannot use submariner with OSP and self signed certs\nACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention\nACM-2482 - Subctl 0.14.1 prints version \"devel\"\n\n6. Description:\n\nService Binding manages the data plane for applications and backing\nservices. Bugs fixed (https://bugzilla.redhat.com/):\n\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.6.3 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. \n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/\n\nBugs addressed:\n\n* clusters belong to global clusterset is not selected by placement when\nrescheduling (BZ# 2129679)\n\n* RHACM 2.6.3 images (BZ# 2139085)\n\nSecurity fixes:\n\n* CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function \n Security\n\n* CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML\nresponses containing multiple Assertion elements\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2129679 - clusters belong to global clusterset is not selected by placement when rescheduling\n2134609 - CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function\n2139085 - RHACM 2.6.3 images\n2149181 - CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements\n\n5. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.7.6 is now available. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. \n\nSecurity Fix(es) from Bugzilla:\n\n* golang: net/http: improper sanitization of Transfer-Encoding header\n(CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions\n(CVE-2022-1962)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit\nX-Forwarded-For not working (CVE-2022-32148)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add\n(CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Solution:\n\nFor details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob\n2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions\n2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working\n2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode\n2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip\n2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n2132957 - Migration fails at UnQuiesceDestApplications step in OCP 4.12\n2137304 - Location for host cluster is missing in the UI\n2140208 - When editing a MigHook in the UI, the page may fail to reload\n2143628 - Unable to create Storage Class Conversion plan due to missing cronjob error in OCP 4.12\n2143872 - Namespaces page in web console stuck in loading phase\n2149920 - Migration fails at prebackupHooks step\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nMIG-1240 - Implement proposed changes for DVM support with PSAs in 4.12\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26709"
},
{
"db": "VULHUB",
"id": "VHN-417378"
},
{
"db": "PACKETSTORM",
"id": "169324"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "167194"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170242"
},
{
"db": "PACKETSTORM",
"id": "170243"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-417378",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417378"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-26709",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "167194",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168226",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170898",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170956",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169920",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167185",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167193",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169760",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167186",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167195",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3517",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-417378",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170162",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170242",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170243",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417378"
},
{
"db": "PACKETSTORM",
"id": "169324"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "167194"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170242"
},
{
"db": "PACKETSTORM",
"id": "170243"
},
{
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"id": "VAR-202205-1291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-417378"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T22:06:57.134000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417378"
},
{
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213253"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213254"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213257"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213258"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213260"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26709"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26700"
},
{
"trust": 0.5,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26717"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-22628"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-1304"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-22624"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26716"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26709"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26710"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-22662"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26700"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-22629"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26719"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-30293"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26717"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26719"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26716"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26710"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3709"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-3709"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-37434"
},
{
"trust": 0.4,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-42898"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30293"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22628"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22662"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22624"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22629"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-22844"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-27406"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0865"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0562"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35525"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0865"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-2509"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-27405"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0891"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0562"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-3515"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-1355"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-27404"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0909"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35527"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0561"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0924"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-35525"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0908"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0561"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-35527"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-27664"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1304"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30294"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-28390"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30002"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-24448"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-27950"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3640"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36558"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0168"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0854"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-20368"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0617"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2586"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-25255"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-41715"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0168"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-30002"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1016"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-28893"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0854"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3640"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2078"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0617"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1852"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-36946"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1055"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-26373"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2938"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-32189"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1048"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2880"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23960"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36558"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29581"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1184"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21499"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2639"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-46848"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-40303"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-40304"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-35737"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-46848"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-41717"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0908"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0909"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0891"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/webkit2gtk"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22589"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22677"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2294"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0008.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22590"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0002.html"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/202208-39"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32893"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32792"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0003.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32784"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0007.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26740"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht213254."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26714"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26766"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26736"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26737"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26745"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26765"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26757"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22675"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26706"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26763"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26711"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26768"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht201222."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8781"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21624"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21618"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21626"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-39399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42003"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-34903"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21628"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42004"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-37603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3775"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-43680"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-40674"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30699"
},
{
"trust": 0.1,
"url": "https://submariner.io/."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41974"
},
{
"trust": 0.1,
"url": "https://submariner.io/getting-started/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42011"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2509"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0631"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3787"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-35737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-47629"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3517"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41912"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:9040"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1122"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28851"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30630"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28851"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:9047"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30629"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0924"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1122"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25310"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30633"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30635"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25309"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417378"
},
{
"db": "PACKETSTORM",
"id": "169324"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "167194"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170242"
},
{
"db": "PACKETSTORM",
"id": "170243"
},
{
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-417378"
},
{
"db": "PACKETSTORM",
"id": "169324"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "167194"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170242"
},
{
"db": "PACKETSTORM",
"id": "170243"
},
{
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-01T00:00:00",
"db": "VULHUB",
"id": "VHN-417378"
},
{
"date": "2022-06-28T19:12:00",
"db": "PACKETSTORM",
"id": "169324"
},
{
"date": "2022-09-01T16:33:44",
"db": "PACKETSTORM",
"id": "168226"
},
{
"date": "2022-05-17T17:06:48",
"db": "PACKETSTORM",
"id": "167194"
},
{
"date": "2022-12-08T16:34:22",
"db": "PACKETSTORM",
"id": "170162"
},
{
"date": "2023-02-08T16:00:47",
"db": "PACKETSTORM",
"id": "170898"
},
{
"date": "2023-02-27T14:51:11",
"db": "PACKETSTORM",
"id": "171127"
},
{
"date": "2022-12-15T15:34:35",
"db": "PACKETSTORM",
"id": "170242"
},
{
"date": "2022-12-15T15:35:54",
"db": "PACKETSTORM",
"id": "170243"
},
{
"date": "2022-11-01T20:15:17.340000",
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-417378"
},
{
"date": "2022-11-03T13:47:46.117000",
"db": "NVD",
"id": "CVE-2022-26709"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian Security Advisory 5154-1",
"sources": [
{
"db": "PACKETSTORM",
"id": "169324"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "168226"
}
],
"trust": 0.1
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.