VulnerableCode Package Details - pkg:alpm/archlinux/webkit2gtk@2.28.3-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-h5zs-8y32-aaaf	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.	CVE-2020-9805
VCID-jn9m-a3y6-aaae	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	CVE-2020-9803
VCID-kazx-z7ps-aaae	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	CVE-2020-9802
VCID-sb94-3ghw-aaab	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	CVE-2020-9807
VCID-thf5-duw6-aaae	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.	CVE-2020-9843
VCID-v9w1-g8aq-aaaj	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.	CVE-2020-9952
VCID-w86j-w1hq-aaad	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	CVE-2020-9806
VCID-wvqw-u8xk-aaab	The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.	CVE-2020-13753
VCID-yrzh-mhug-aaam	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.	CVE-2020-9850

Vulnerability

Summary

Aliases

VCID-h5zs-8y32-aaaf

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.

CVE-2020-9805

VCID-jn9m-a3y6-aaae

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-9803

VCID-kazx-z7ps-aaae

CVE-2020-9802

VCID-sb94-3ghw-aaab

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-9807

VCID-thf5-duw6-aaae

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.

CVE-2020-9843

VCID-v9w1-g8aq-aaaj

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.

CVE-2020-9952

VCID-w86j-w1hq-aaad

CVE-2020-9806

VCID-wvqw-u8xk-aaab

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.

CVE-2020-13753

VCID-yrzh-mhug-aaam

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.

CVE-2020-9850

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:48.814311+00:00	Arch Linux Importer	Fixing	VCID-v9w1-g8aq-aaaj	https://security.archlinux.org/AVG-1292	36.0.0
2025-03-28T07:44:17.417563+00:00	Arch Linux Importer	Fixing	VCID-wvqw-u8xk-aaab	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.383675+00:00	Arch Linux Importer	Fixing	VCID-kazx-z7ps-aaae	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.347952+00:00	Arch Linux Importer	Fixing	VCID-jn9m-a3y6-aaae	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.313437+00:00	Arch Linux Importer	Fixing	VCID-h5zs-8y32-aaaf	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.278542+00:00	Arch Linux Importer	Fixing	VCID-w86j-w1hq-aaad	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.241179+00:00	Arch Linux Importer	Fixing	VCID-sb94-3ghw-aaab	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.206680+00:00	Arch Linux Importer	Fixing	VCID-thf5-duw6-aaae	https://security.archlinux.org/AVG-1203	36.0.0
2025-03-28T07:44:17.175036+00:00	Arch Linux Importer	Fixing	VCID-yrzh-mhug-aaam	https://security.archlinux.org/AVG-1203	36.0.0
2024-09-18T02:02:09.621175+00:00	Arch Linux Importer	Fixing	VCID-v9w1-g8aq-aaaj	https://security.archlinux.org/AVG-1292	34.0.1
2024-09-18T01:59:23.202984+00:00	Arch Linux Importer	Fixing	VCID-wvqw-u8xk-aaab	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.176722+00:00	Arch Linux Importer	Fixing	VCID-kazx-z7ps-aaae	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.151211+00:00	Arch Linux Importer	Fixing	VCID-jn9m-a3y6-aaae	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.125703+00:00	Arch Linux Importer	Fixing	VCID-h5zs-8y32-aaaf	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.099851+00:00	Arch Linux Importer	Fixing	VCID-w86j-w1hq-aaad	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.073686+00:00	Arch Linux Importer	Fixing	VCID-sb94-3ghw-aaab	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.047188+00:00	Arch Linux Importer	Fixing	VCID-thf5-duw6-aaae	https://security.archlinux.org/AVG-1203	34.0.1
2024-09-18T01:59:23.019956+00:00	Arch Linux Importer	Fixing	VCID-yrzh-mhug-aaam	https://security.archlinux.org/AVG-1203	34.0.1
2024-01-17T17:36:48.027564+00:00	Arch Linux Importer	Fixing	VCID-wvqw-u8xk-aaab	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:48.005641+00:00	Arch Linux Importer	Fixing	VCID-kazx-z7ps-aaae	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:47.983417+00:00	Arch Linux Importer	Fixing	VCID-jn9m-a3y6-aaae	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:47.961449+00:00	Arch Linux Importer	Fixing	VCID-h5zs-8y32-aaaf	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:47.939301+00:00	Arch Linux Importer	Fixing	VCID-w86j-w1hq-aaad	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:47.917277+00:00	Arch Linux Importer	Fixing	VCID-sb94-3ghw-aaab	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:47.895111+00:00	Arch Linux Importer	Fixing	VCID-thf5-duw6-aaae	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-17T17:36:47.870403+00:00	Arch Linux Importer	Fixing	VCID-yrzh-mhug-aaam	https://security.archlinux.org/AVG-1203	34.0.0rc2
2024-01-03T22:28:12.067607+00:00	Arch Linux Importer	Fixing	VCID-v9w1-g8aq-aaaj	https://security.archlinux.org/AVG-1292	34.0.0rc1
2024-01-03T22:25:40.703788+00:00	Arch Linux Importer	Fixing	VCID-wvqw-u8xk-aaab	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.679931+00:00	Arch Linux Importer	Fixing	VCID-kazx-z7ps-aaae	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.656124+00:00	Arch Linux Importer	Fixing	VCID-jn9m-a3y6-aaae	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.630014+00:00	Arch Linux Importer	Fixing	VCID-h5zs-8y32-aaaf	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.603833+00:00	Arch Linux Importer	Fixing	VCID-w86j-w1hq-aaad	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.582897+00:00	Arch Linux Importer	Fixing	VCID-sb94-3ghw-aaab	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.561686+00:00	Arch Linux Importer	Fixing	VCID-thf5-duw6-aaae	https://security.archlinux.org/AVG-1203	34.0.0rc1
2024-01-03T22:25:40.540571+00:00	Arch Linux Importer	Fixing	VCID-yrzh-mhug-aaam	https://security.archlinux.org/AVG-1203	34.0.0rc1

2025-03-28T07:46:48.814311+00:00

Arch Linux Importer

Fixing

VCID-v9w1-g8aq-aaaj

https://security.archlinux.org/AVG-1292

36.0.0

2025-03-28T07:44:17.417563+00:00

Arch Linux Importer

Fixing