gjs-devel (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package gjs-devel, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2018-20337 — CVSS 8.8 (high): There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a…
CVE-2020-13543 — CVSS 8.8 (high): A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a…
CVE-2020-13584 — CVSS 8.8 (high): An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a…
CVE-2020-9948 — CVSS 8.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web…
CVE-2020-9951 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted…
CVE-2020-9983 — CVSS 8.8 (high): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously…
CVE-2019-12448 — CVSS 8.1 (high): An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend…
CVE-2019-13012 — CVSS 7.5 (high): The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents…
CVE-2019-12447 — CVSS 7.3 (high): An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not…
CVE-2019-3825 — CVSS 6.3 (medium): A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen…
CVE-2019-12449 — CVSS 5.7 (medium): An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during…