VulnerableCode Package Details - pkg:deb/ubuntu/webkit2gtk@2.33.3-1ubuntu1

Search for packages

Vulnerability	Summary	Fixed by
VCID-5skj-ns46-aaaq Aliases: CVE-2021-42762	BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.	2.34.1-0ubuntu0.20.04.1 Affected by 0 other vulnerabilities.
VCID-g6p3-xnyc-aaak Aliases: CVE-2021-30851	A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.	2.34.1-0ubuntu0.20.04.1 Affected by 0 other vulnerabilities.
VCID-u3zz-umjw-aaak Aliases: CVE-2021-30846	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.	2.34.1-0ubuntu0.20.04.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5skj-ns46-aaaq
Aliases:
CVE-2021-42762

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.

2.34.1-0ubuntu0.20.04.1
Affected by 0 other vulnerabilities.

VCID-g6p3-xnyc-aaak
Aliases:
CVE-2021-30851

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

2.34.1-0ubuntu0.20.04.1
Affected by 0 other vulnerabilities.

VCID-u3zz-umjw-aaak
Aliases:
CVE-2021-30846

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

2.34.1-0ubuntu0.20.04.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Next non-vulnerable version	2.34.1-0ubuntu0.20.04.1
Latest non-vulnerable version	2.34.1-0ubuntu0.20.04.1
Risk	4.0