Vulnerability CVE-2021-45483: Information
Description
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
libwebkitgtk4 | sisyphus | 2.32.4-alt1 | 2.44.2-alt1 | ALT-PU-2021-2835-1 | 285422 | Fixed |
libwebkitgtk4 | p10 | 2.32.4-alt1 | 2.36.3-alt1 | ALT-PU-2021-2878-1 | 284327 | Fixed |
libwebkitgtk4 | c10f1 | 2.32.4-alt1 | 2.36.3-alt1 | ALT-PU-2021-2878-1 | 284327 | Fixed |
libwebkitgtk4 | p11 | 2.32.4-alt1 | 2.44.2-alt1 | ALT-PU-2021-2835-1 | 285422 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3 |
|
[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001 |
|