CVE-2022-2294 – WebRTC Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-2294
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.
• http://www.openwall.com/lists/oss-security/2022/07/28/2
• https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html
• https://crbug.com/1341043
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7
• https://security.gentoo.org/glsa/202208-35
• https://security.gentoo.org/glsa/202208-39
• https://sec
• CWE-787: Out-of-bounds Write
CVE-2022-30293 – webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-30293
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.
• http://www.openwall.com/lists/oss-security/2022/05/30/1
• https://bugs.webkit.org/show_bug.cgi?id=237187
• https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
• https://security.gentoo.org/glsa/202208-39
• https://www.debian.org/security/2022/dsa-5154
• https://www.debian.org/security/2022/dsa-5155
• https://access.redhat.com/security/cve/CVE-2022-30293
• https://bugzilla.redhat.com/show_bug.cgi?id=2082548
• CWE-787: Out-of-bounds Write
CVE-2021-45481 – webkitgtk: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create
https://notcve.org/view.php?id=CVE-2021-45481
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
A segmentation violation vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash.
• http://www.openwall.com/lists/oss-security/2022/01/21/2
• https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3
• https://access.redhat.com/security/cve/CVE-2021-45481
• https://bugzilla.redhat.com/show_bug.cgi?id=2040327
• CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2021-45482 – webkitgtk: use-after-free in WebCore::ContainerNode::firstChild
https://notcve.org/view.php?id=CVE-2021-45482
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
A use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash.
• http://www.openwall.com/lists/oss-security/2022/01/21/2
• https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3
• https://access.redhat.com/security/cve/CVE-2021-45482
• https://bugzilla.redhat.com/show_bug.cgi?id=2040329
• CWE-416: Use After Free
CVE-2021-45483 – webkitgtk: use-after-free in WebCore::Frame::page
https://notcve.org/view.php?id=CVE-2021-45483
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
A use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash.
• http://www.openwall.com/lists/oss-security/2022/01/21/2
• https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3
• https://access.redhat.com/security/cve/CVE-2021-45483
• https://bugzilla.redhat.com/show_bug.cgi?id=2040331
• CWE-416: Use After Free