webkit2gtk3 (SUSE:Linux Enterprise Module for Desktop Applications 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Desktop Applications 15 SP3 package webkit2gtk3, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (96)
CVE-2020-13753 — CVSS 10.0 (critical): The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI…
CVE-2021-30936 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2…
CVE-2021-30951 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2…
CVE-2019-8766 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows…
CVE-2019-8782 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2…
CVE-2022-42823 — CVSS 8.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari…
CVE-2022-32912 — CVSS 8.8 (high): An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7…
CVE-2020-9802 — CVSS 8.8 (high): A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari…
CVE-2020-9803 — CVSS 8.8 (high): A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS…
CVE-2020-9947 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes…
CVE-2020-9948 — CVSS 8.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web…
CVE-2020-9951 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted…
CVE-2022-32888 — CVSS 8.8 (high): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS…
CVE-2022-32886 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7…
CVE-2021-1788 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001…
CVE-2021-1817 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS…
CVE-2022-32792 — CVSS 8.8 (high): An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7…
CVE-2022-26719 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS…
CVE-2022-26717 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS…
CVE-2021-1844 — CVSS 8.8 (high): A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v…
CVE-2021-21779 — CVSS 8.8 (high): A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted…
CVE-2021-21806 — CVSS 8.8 (high): An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a…
CVE-2022-26716 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS…
CVE-2022-26710 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4…
CVE-2022-26709 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS…
CVE-2021-30734 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6…
CVE-2022-26700 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS…
CVE-2021-30749 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6…
CVE-2021-30758 — CVSS 8.8 (high): A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5…
CVE-2021-30795 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5…
CVE-2021-30797 — CVSS 8.8 (high): This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7…
CVE-2021-30799 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5…
CVE-2021-30809 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and…
CVE-2021-30818 — CVSS 8.8 (high): A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and…
CVE-2022-22637 — CVSS 8.8 (high): A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4…
CVE-2022-22629 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5…
CVE-2019-8808 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2…
CVE-2019-8815 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2…
CVE-2022-22590 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS…
CVE-2021-30934 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2…
CVE-2021-30953 — CVSS 8.8 (high): An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS…
CVE-2021-30851 — CVSS 8.8 (high): A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and…
CVE-2022-22628 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5…
CVE-2022-22624 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4…
CVE-2021-30889 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS…
CVE-2021-21775 — CVSS 8.0 (high): A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A…
CVE-2020-27918 — CVSS 7.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2…
CVE-2021-30846 — CVSS 7.8 (high): A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15…
CVE-2021-30848 — CVSS 7.8 (high): A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15…
CVE-2021-30849 — CVSS 7.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8…
CVE-2021-30954 — CVSS 7.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS…
CVE-2021-30984 — CVSS 7.5 (high): A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2…
CVE-2022-30293 — CVSS 7.5 (high): In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in…
CVE-2021-30888 — CVSS 7.4 (high): An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS…
CVE-2020-9805 — CVSS 7.1 (high): A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari…
CVE-2020-9952 — CVSS 7.1 (high): An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS…
CVE-2021-30897 — CVSS 6.5 (medium): An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was…
CVE-2022-22592 — CVSS 6.5 (medium): A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari…
CVE-2022-22594 — CVSS 6.5 (medium): A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3…
CVE-2021-30887 — CVSS 6.5 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS…
CVE-2022-32923 — CVSS 6.5 (medium): A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS…
CVE-2021-30823 — CVSS 6.5 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15…
CVE-2022-22662 — CVSS 6.5 (medium): A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big…
CVE-2022-32816 — CVSS 6.5 (medium): The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey…
CVE-2021-1765 — CVSS 6.5 (medium): This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001…
CVE-2021-45481 — CVSS 6.5 (medium): In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a…
CVE-2021-1820 — CVSS 6.5 (medium): A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS…
CVE-2021-45482 — CVSS 6.5 (medium): In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
CVE-2021-45483 — CVSS 6.5 (medium): In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
CVE-2021-30744 — CVSS 6.1 (medium): Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in…
CVE-2022-22589 — CVSS 6.1 (medium): A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3…
CVE-2021-30890 — CVSS 6.1 (medium): A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS…
CVE-2021-30689 — CVSS 6.1 (medium): A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1…
CVE-2021-1826 — CVSS 6.1 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4…
CVE-2021-1825 — CVSS 6.1 (medium): An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for…
CVE-2020-3902 — CVSS 6.1 (medium): An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari…
CVE-2022-42799 — CVSS 6.1 (medium): The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1…
CVE-2021-30682 — CVSS 5.5 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS…
CVE-2022-42824 — CVSS 5.5 (medium): A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1…
CVE-2021-30836 — CVSS 5.5 (medium): An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8…
CVE-2021-30720 — CVSS 5.4 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS…
CVE-2021-42762 — CVSS 5.3 (medium): BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick…
CVE-2021-30884 — CVSS 4.7 (medium): The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15…
CVE-2022-22677 — CVSS 4.3 (medium): A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4…
CVE-2020-29623 — CVSS 3.3 (low): "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in…