Vulnerability CVE-2021-45483: Information

Description

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-45483
Published: Dec. 25, 2021
Modified: Feb. 5, 2022
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libwebkitgtk4sisyphus2.32.4-alt12.44.2-alt1ALT-PU-2021-2835-1285422Fixed
libwebkitgtk4p102.32.4-alt12.36.3-alt1ALT-PU-2021-2878-1284327Fixed
libwebkitgtk4c10f12.32.4-alt12.36.3-alt1ALT-PU-2021-2878-1284327Fixed
libwebkitgtk4p112.32.4-alt12.44.2-alt1ALT-PU-2021-2835-1285422Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3
  • Exploit
  • Third Party Advisory
[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001
  • Mailing List
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
      End excliding
      2.32.4
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top