Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-22624
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:21:48.813Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT213182" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT213183" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT213186" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT213187" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Safari", "vendor": "Apple", "versions": [ { "lessThan": "15.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "tvOS", "vendor": "Apple", "versions": [ { "lessThan": "15.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "tvOS", "vendor": "Apple", "versions": [ { "lessThan": "12.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "tvOS", "vendor": "Apple", "versions": [ { "lessThan": "15.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Processing maliciously crafted web content may lead to arbitrary code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-23T18:58:30", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT213182" }, { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT213183" }, { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT213186" }, { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT213187" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2022-22624", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Safari", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "15.4" } ] } }, { "product_name": "tvOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "15.4" } ] } }, { "product_name": "tvOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "12.3" } ] } }, { "product_name": "tvOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "15.4" } ] } } ] }, "vendor_name": "Apple" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/en-us/HT213182", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213182" }, { "name": "https://support.apple.com/en-us/HT213183", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213183" }, { "name": "https://support.apple.com/en-us/HT213186", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213186" }, { "name": "https://support.apple.com/en-us/HT213187", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT213187" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2022-22624", "datePublished": "2022-09-23T18:58:30", "dateReserved": "2022-01-05T00:00:00", "dateUpdated": "2024-08-03T03:21:48.813Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-22624\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2022-09-23T19:15:10.877\",\"lastModified\":\"2024-11-21T06:47:08.447\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.\"},{\"lang\":\"es\",\"value\":\"Se abord\u00f3 un problema de uso de memoria previamente liberada con una administraci\u00f3n de memoria mejorada. Este problema ha sido corregido en macOS Monterey versi\u00f3n 12.3, iOS versi\u00f3n 15.4 y iPadOS versi\u00f3n 15.4, tvOS versi\u00f3n 15.4, Safari versi\u00f3n 15.4. El procesamiento de contenido web dise\u00f1ado de forma maliciosa puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.4\",\"matchCriteriaId\":\"2B5E9A8F-FFF6-432A-9E8A-074B53B29507\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.4\",\"matchCriteriaId\":\"304F5E03-FD61-453E-B2C5-FC3A2E30E448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.4\",\"matchCriteriaId\":\"1E4C3F0C-E368-4F79-B42E-E5EB0FB5E767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.3\",\"matchCriteriaId\":\"9C72309C-939F-4744-80DB-07C4452BDAFE\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT213182\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213183\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213186\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213187\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213186\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
var-202203-0111
Vulnerability from variot
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Multiple Apple products contain a freed memory usage vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
For the oldstable distribution (buster), these problems have been fixed in version 2.36.0-3~deb10u1.
For the stable distribution (bullseye), these problems have been fixed in version 2.36.0-3~deb11u1.
We recommend that you upgrade your webkit2gtk packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-03-14-2 watchOS 8.5
watchOS 8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213193.
Accelerate Framework Available for: Apple Watch Series 3 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-22633: an anonymous researcher
AppleAVD Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory corruption issue was addressed with improved validation. CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. CVE-2022-22611: Xingyu Jin of Google
ImageIO Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google
Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-22596: an anonymous researcher CVE-2022-22640: sqrtpwn
Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22613: Alex, an anonymous researcher
Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22614: an anonymous researcher CVE-2022-22615: an anonymous researcher
Kernel Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2022-22632: Keegan Saunders
Kernel Available for: Apple Watch Series 3 and later Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation. CVE-2022-22638: derrek (@derrekr6)
libarchive Available for: Apple Watch Series 3 and later Impact: Multiple issues in libarchive Description: Multiple memory corruption issues existed in libarchive. CVE-2021-36976
MediaRemote Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to identify what other applications a user has installed Description: An access issue was addressed with improved access restrictions. CVE-2022-22670: Brandon Azad
Phone Available for: Apple Watch Series 3 and later Impact: A user may be able to bypass the Emergency SOS passcode prompt Description: This issue was addressed with improved checks. CVE-2022-22618: Yicong Ding (@AntonioDing)
Preferences Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to read other applications' settings Description: The issue was addressed with additional permissions checks. CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Safari Available for: Apple Watch Series 3 and later Impact: Visiting a malicious website may lead to address bar spoofing Description: A user interface issue was addressed. CVE-2022-22654: Abdullah Md Shaleh of take0ver
Sandbox Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to bypass certain Privacy preferences Description: The issue was addressed with improved permissions logic. CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran
Siri Available for: Apple Watch Series 3 and later Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation. CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg/)
UIKit Available for: Apple Watch Series 3 and later Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions Description: This issue was addressed with improved checks. CVE-2022-22621: Joey Hewitt
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 232748 CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 232812 CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla 233172 CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Bugzilla: 234147 CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative
WebKit Available for: Apple Watch Series 3 and later Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 235294 CVE-2022-22637: Tom McKee of Google
Additional recognition
AirDrop We would like to acknowledge Omar Espino (omespino.com), Ron Masas of BreakPoint.sh for their assistance.
Bluetooth We would like to acknowledge an anonymous researcher for their assistance.
Face Gallery We would like to acknowledge Tian Zhang (@KhaosT) for their assistance.
Safari We would like to acknowledge Konstantin Darutkin of FingerprintJS (fingerprintjs.com) for their assistance.
Shortcuts We would like to acknowledge Baibhav Anand Jha of Streamers Land for their assistance.
Siri We would like to acknowledge an anonymous researcher for their assistance.
syslog We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance.
UIKit We would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance.
Wallet We would like to acknowledge an anonymous researcher for their assistance.
WebKit We would like to acknowledge Abdullah Md Shaleh for their assistance.
WebKit Storage We would like to acknowledge Martin Bajanik of FingerprintJS for their assistance.
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0XwACgkQeC9qKD1p rhg7xg/+OVmgvQa8AfIpDqKoFyJQxRWv5eurCr0FWdtmUFmaqSZx1/gIGApxEIX9 Y2b9tEvhejRuUOkX4vpJcYvDsad6NvColSho5it16Hj3aRU3R4VseRmsVbaTwoap MQWRT+EHtB1zWOz9kGTFN6xScPVpnc18IrACQqO5SYB/ovvA6iNlee5OoQtWANd9 0Wm9/MHwVUng2MXmjeDNZ5C8cHt41W4/8brZFBqoThDeaGb+dx/KLNzlzIpN7ttC eCD2xXo6F+Q5uKUuwZHVm2g+PyV6CmeBtZYHGzGGo18fLLreBq7oUBf+KNzRxdTG x517r3SfjnwScVO/NJXa33fWHOrlNWvNwOHPsp1JgX1B/YVGSoJDIWxu3kAdOQ6b Z5ts7CIV8MOchvYG64UVO/Lt4e2/ABlkxF5vRD0k2KRIOWQh7mvTy0b4Reu2sbGF t088QoinhRgWU+JXYSUZ4Nex5lelcF9F2SlOh2CS+VmvfzatV0NiTTPTknP+2/pZ sLPO3oEmoqYczdviEtAZ3ghSrPWqqx1W2xBvnCTlteIZiIprgU/ZOcLaQiaHZ5c5 GKyxZCgguW40SzjrcdnbN9KSk+Pwta5oiKhzA43M+fl25jIic1rTvQIc91uL6/7O 9BSRyu2ZW0bfZEkgjPQF2ui4IBfZ81ayEsmh/e41JCbXnGvNFtY=K1Lq -----END PGP SIGNATURE-----
. Description:
Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Security fixes:
- CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
- CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
- CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
- CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
Bugs addressed:
- subctl diagnose firewall metrics does not work on merged kubeconfig (BZ# 2013711)
- [Submariner] - Fails to increase gateway amount after deployment (BZ# 2097381)
- Submariner gateway node does not get deleted with subctl cloud cleanup command (BZ# 2108634)
- submariner GW pods are unable to resolve the DNS of the Broker K8s API URL (BZ# 2119362)
- Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack (BZ# 2124219)
- unable to run subctl benchmark latency, pods fail with ImagePullBackOff (BZ# 2130326)
- [IBM Z] - Submariner addon unistallation doesnt work from ACM console (BZ# 2136442)
- Tags on AWS security group for gateway node break cloud-controller LoadBalancer (BZ# 2139477)
- RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)
- Submariner OVN support (ACM-1358)
- Submariner Azure Console support (ACM-1388)
- ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)
- Submariner on disconnected ACM #22000 (ACM-1678)
- Submariner gateway: Error creating AWS security group if already exists (ACM-2055)
- Submariner gateway security group in AWS not deleted when uninstalling submariner (ACM-2057)
- The submariner-metrics-proxy pod pulls an image with wrong naming convention (ACM-2058)
- The submariner-metrics-proxy pod is not part of the Agent readiness check (ACM-2067)
- Subctl 0.14.0 prints version "vsubctl" (ACM-2132)
- managedclusters "local-cluster" not found and missing Submariner Broker CRD (ACM-2145)
- Add support of ARO to Submariner deployment (ACM-2150)
- The e2e tests execution fails for "Basic TCP connectivity" tests (ACM-2204)
- Gateway error shown "diagnose all" tests (ACM-2206)
- Submariner does not support cluster "kube-proxy ipvs mode"(ACM-2211)
- Vsphere cluster shows Pod Security admission controller warnings (ACM-2256)
- Cannot use submariner with OSP and self signed certs (ACM-2274)
- Subctl diagnose tests spawn nettest image with wrong tag nameing convention (ACM-2387)
-
Subctl 0.14.1 prints version "devel" (ACM-2482)
-
Solution:
For details on how to install Submariner, refer to:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console
and
https://submariner.io/getting-started/
- Bugs fixed (https://bugzilla.redhat.com/):
2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig 2097381 - [Submariner] - Fails to increase gateway amount after deployment 2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command 2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL 2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console 2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
- JIRA issues fixed (https://issues.jboss.org/):
ACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner) ACM-2055 - Submariner gateway: Error creating AWS security group if already exists ACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner ACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention ACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check ACM-2132 - Subctl 0.14.0 prints version "vsubctl" ACM-2145 - managedclusters "local-cluster" not found and missing Submariner Broker CRD ACM-2150 - Add support of ARO to Submariner deployment ACM-2204 - [Submariner] - e2e tests execution fails for "Basic TCP connectivity" tests ACM-2206 - [Submariner] - Gateway error shown "diagnose all" tests ACM-2211 - [Submariner] - Submariner does not support cluster "kube-proxy ipvs mode" ACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings ACM-2274 - Cannot use submariner with OSP and self signed certs ACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention ACM-2482 - Subctl 0.14.1 prints version "devel"
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images Advisory ID: RHSA-2022:8964-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2022:8964 Issue date: 2022-12-13 CVE Names: CVE-2016-3709 CVE-2022-1304 CVE-2022-3782 CVE-2022-3916 CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 CVE-2022-30293 CVE-2022-37434 CVE-2022-42898 ==================================================================== 1. Summary:
Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware Containers.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
The rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator operator has been updated for RHEL-8 based Middleware Containers to address the following security issues.
Security Fix(es):
-
keycloak: path traversal via double URL encoding (CVE-2022-3782)
-
keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Users of rh-sso-7/sso76-openshift-rhel8 container images and rh-sso-7/sso7-rhel8-operator operator are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.
You can find images updated by this advisory in Red Hat Container Catalog (see References).
- Solution:
The RHEL-8 based Middleware Containers container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).
Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.
- Bugs fixed (https://bugzilla.redhat.com/):
2138971 - CVE-2022-3782 keycloak: path traversal via double URL encoding 2141404 - CVE-2022-3916 keycloak: Session takeover with OIDC offline refreshtokens
- JIRA issues fixed (https://issues.jboss.org/):
CIAM-4412 - Build new OCP image for rh-sso-7/sso76-openshift-rhel8 CIAM-4413 - Generate new operator bundle image for this patch
- References:
https://access.redhat.com/security/cve/CVE-2016-3709 https://access.redhat.com/security/cve/CVE-2022-1304 https://access.redhat.com/security/cve/CVE-2022-3782 https://access.redhat.com/security/cve/CVE-2022-3916 https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-27404 https://access.redhat.com/security/cve/CVE-2022-27405 https://access.redhat.com/security/cve/CVE-2022-27406 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/cve/CVE-2022-37434 https://access.redhat.com/security/cve/CVE-2022-42898 https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/rh-sso-7/sso76-openshift-rhel8 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. Summary:
An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Bugs fixed (https://bugzilla.redhat.com/):
2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays
- JIRA issues fixed (https://issues.jboss.org/):
LOG-3250 - [release-5.4] FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-3252 - [release-5.4]Adding Valid Subscription Annotation
- Description:
Service Binding manages the data plane for applications and backing services. Bugs fixed (https://bugzilla.redhat.com/):
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202203-0111", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "macos", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "12.3" }, { "model": "ipad os", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "15.4" }, { "model": "safari", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "15.4" }, { "model": "macos", "scope": "gte", "trust": 1.0, "vendor": "apple", "version": "12.0" }, { "model": "iphone os", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "15.4" }, { "model": "ios", "scope": null, "trust": 0.8, "vendor": "\u30a2\u30c3\u30d7\u30eb", "version": null }, { "model": "safari", "scope": null, "trust": 0.8, "vendor": "\u30a2\u30c3\u30d7\u30eb", "version": null }, { "model": "ipados", "scope": null, "trust": 0.8, "vendor": "\u30a2\u30c3\u30d7\u30eb", "version": null }, { "model": "macos", "scope": "eq", "trust": 0.8, "vendor": "\u30a2\u30c3\u30d7\u30eb", "version": "12.0 that\u0027s all 12.3" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "NVD", "id": "CVE-2022-22624" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "170898" }, { "db": "PACKETSTORM", "id": "170210" }, { "db": "PACKETSTORM", "id": "169920" }, { "db": "PACKETSTORM", "id": "171127" } ], "trust": 0.4 }, "cve": "CVE-2022-22624", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2022-22624", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-22624", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-22624", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-22624", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202203-1259", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "CNNVD", "id": "CNNVD-202203-1259" }, { "db": "NVD", "id": "CVE-2022-22624" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Multiple Apple products contain a freed memory usage vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 2.36.0-3~deb10u1. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.36.0-3~deb11u1. \n\nWe recommend that you upgrade your webkit2gtk packages. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-03-14-2 watchOS 8.5\n\nwatchOS 8.5 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213193. \n\nAccelerate Framework\nAvailable for: Apple Watch Series 3 and later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-22633: an anonymous researcher\n\nAppleAVD\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing a maliciously crafted image may lead to heap\ncorruption\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. \nCVE-2022-22611: Xingyu Jin of Google\n\nImageIO\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing a maliciously crafted image may lead to heap\ncorruption\nDescription: A memory consumption issue was addressed with improved\nmemory handling. \nCVE-2022-22612: Xingyu Jin of Google\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-22596: an anonymous researcher\nCVE-2022-22640: sqrtpwn\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22613: Alex, an anonymous researcher\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-22614: an anonymous researcher\nCVE-2022-22615: an anonymous researcher\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-22632: Keegan Saunders\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A null pointer dereference was addressed with improved\nvalidation. \nCVE-2022-22638: derrek (@derrekr6)\n\nlibarchive\nAvailable for: Apple Watch Series 3 and later\nImpact: Multiple issues in libarchive\nDescription: Multiple memory corruption issues existed in libarchive. \nCVE-2021-36976\n\nMediaRemote\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to identify what other\napplications a user has installed\nDescription: An access issue was addressed with improved access\nrestrictions. \nCVE-2022-22670: Brandon Azad\n\nPhone\nAvailable for: Apple Watch Series 3 and later\nImpact: A user may be able to bypass the Emergency SOS passcode\nprompt\nDescription: This issue was addressed with improved checks. \nCVE-2022-22618: Yicong Ding (@AntonioDing)\n\nPreferences\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to read other\napplications\u0027 settings\nDescription: The issue was addressed with additional permissions\nchecks. \nCVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nSafari\nAvailable for: Apple Watch Series 3 and later\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: A user interface issue was addressed. \nCVE-2022-22654: Abdullah Md Shaleh of take0ver\n\nSandbox\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to bypass certain Privacy\npreferences\nDescription: The issue was addressed with improved permissions logic. \nCVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited,\nKhiem Tran\n\nSiri\nAvailable for: Apple Watch Series 3 and later\nImpact: A person with physical access to a device may be able to use\nSiri to obtain some location information from the lock screen\nDescription: A permissions issue was addressed with improved\nvalidation. \nCVE-2022-22599: Andrew Goldberg of the University of Texas at Austin,\nMcCombs School of Business (linkedin.com/andrew-goldberg/)\n\nUIKit\nAvailable for: Apple Watch Series 3 and later\nImpact: A person with physical access to an iOS device may be able to\nsee sensitive information via keyboard suggestions\nDescription: This issue was addressed with improved checks. \nCVE-2022-22621: Joey Hewitt\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may disclose\nsensitive user information\nDescription: A cookie management issue was addressed with improved\nstate management. \nWebKit Bugzilla: 232748\nCVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may lead to code\nexecution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nWebKit Bugzilla: 232812\nCVE-2022-22610: Quan Yin of Bigo Technology Live Client Team\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nWebKit Bugzilla 233172\nCVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\nWebKit Bugzilla: 234147\nCVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nWebKit Bugzilla: 234966\nCVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro\nZero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious website may cause unexpected cross-origin\nbehavior\nDescription: A logic issue was addressed with improved state\nmanagement. \nWebKit Bugzilla: 235294\nCVE-2022-22637: Tom McKee of Google\n\nAdditional recognition\n\nAirDrop\nWe would like to acknowledge Omar Espino (omespino.com), Ron Masas of\nBreakPoint.sh for their assistance. \n\nBluetooth\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nFace Gallery\nWe would like to acknowledge Tian Zhang (@KhaosT) for their\nassistance. \n\nSafari\nWe would like to acknowledge Konstantin Darutkin of FingerprintJS\n(fingerprintjs.com) for their assistance. \n\nShortcuts\nWe would like to acknowledge Baibhav Anand Jha of Streamers Land for\ntheir assistance. \n\nSiri\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nsyslog\nWe would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for\ntheir assistance. \n\nUIKit\nWe would like to acknowledge Tim Shadel of Day Logger, Inc. for their\nassistance. \n\nWallet\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nWebKit\nWe would like to acknowledge Abdullah Md Shaleh for their assistance. \n\nWebKit Storage\nWe would like to acknowledge Martin Bajanik of FingerprintJS for\ntheir assistance. \n\nInstructions on how to update your Apple Watch software are available\nat https://support.apple.com/kb/HT204641 To check the version on\nyour Apple Watch, open the Apple Watch app on your iPhone and select\n\"My Watch \u003e General \u003e About\". Alternatively, on your watch, select\n\"My Watch \u003e General \u003e About\". \nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0XwACgkQeC9qKD1p\nrhg7xg/+OVmgvQa8AfIpDqKoFyJQxRWv5eurCr0FWdtmUFmaqSZx1/gIGApxEIX9\nY2b9tEvhejRuUOkX4vpJcYvDsad6NvColSho5it16Hj3aRU3R4VseRmsVbaTwoap\nMQWRT+EHtB1zWOz9kGTFN6xScPVpnc18IrACQqO5SYB/ovvA6iNlee5OoQtWANd9\n0Wm9/MHwVUng2MXmjeDNZ5C8cHt41W4/8brZFBqoThDeaGb+dx/KLNzlzIpN7ttC\neCD2xXo6F+Q5uKUuwZHVm2g+PyV6CmeBtZYHGzGGo18fLLreBq7oUBf+KNzRxdTG\nx517r3SfjnwScVO/NJXa33fWHOrlNWvNwOHPsp1JgX1B/YVGSoJDIWxu3kAdOQ6b\nZ5ts7CIV8MOchvYG64UVO/Lt4e2/ABlkxF5vRD0k2KRIOWQh7mvTy0b4Reu2sbGF\nt088QoinhRgWU+JXYSUZ4Nex5lelcF9F2SlOh2CS+VmvfzatV0NiTTPTknP+2/pZ\nsLPO3oEmoqYczdviEtAZ3ghSrPWqqx1W2xBvnCTlteIZiIprgU/ZOcLaQiaHZ5c5\nGKyxZCgguW40SzjrcdnbN9KSk+Pwta5oiKhzA43M+fl25jIic1rTvQIc91uL6/7O\n9BSRyu2ZW0bfZEkgjPQF2ui4IBfZ81ayEsmh/e41JCbXnGvNFtY=K1Lq\n-----END PGP SIGNATURE-----\n\n\n. Description:\n\nSubmariner enables direct networking between pods and services on different\nKubernetes clusters that are either on-premises or in the cloud. \n\nFor more information about Submariner, see the Submariner open source\ncommunity website at: https://submariner.io/. \n\nSecurity fixes:\n\n* CVE-2022-27664 golang: net/http: handle server errors after sending\nGOAWAY\n* CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward\nunparseable query parameters\n* CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing\nregexps\n* CVE-2022-41717 golang: net/http: An attacker can cause excessive memory\ngrowth in a Go server accepting HTTP/2 requests\n\nBugs addressed:\n\n* subctl diagnose firewall metrics does not work on merged kubeconfig (BZ#\n2013711)\n* [Submariner] - Fails to increase gateway amount after deployment (BZ#\n2097381)\n* Submariner gateway node does not get deleted with subctl cloud cleanup\ncommand (BZ# 2108634)\n* submariner GW pods are unable to resolve the DNS of the Broker K8s API\nURL (BZ# 2119362)\n* Submariner gateway node does not get deployed after applying\nManagedClusterAddOn on Openstack (BZ# 2124219)\n* unable to run subctl benchmark latency, pods fail with ImagePullBackOff\n(BZ# 2130326)\n* [IBM Z] - Submariner addon unistallation doesnt work from ACM console\n(BZ# 2136442)\n* Tags on AWS security group for gateway node break cloud-controller\nLoadBalancer (BZ# 2139477)\n* RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)\n* Submariner OVN support (ACM-1358)\n* Submariner Azure Console support (ACM-1388)\n* ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)\n* Submariner on disconnected ACM #22000 (ACM-1678)\n* Submariner gateway: Error creating AWS security group if already exists\n(ACM-2055)\n* Submariner gateway security group in AWS not deleted when uninstalling\nsubmariner (ACM-2057)\n* The submariner-metrics-proxy pod pulls an image with wrong naming\nconvention (ACM-2058)\n* The submariner-metrics-proxy pod is not part of the Agent readiness check\n(ACM-2067)\n* Subctl 0.14.0 prints version \"vsubctl\" (ACM-2132)\n* managedclusters \"local-cluster\" not found and missing Submariner Broker\nCRD (ACM-2145)\n* Add support of ARO to Submariner deployment (ACM-2150)\n* The e2e tests execution fails for \"Basic TCP connectivity\" tests\n(ACM-2204)\n* Gateway error shown \"diagnose all\" tests (ACM-2206)\n* Submariner does not support cluster \"kube-proxy ipvs mode\"(ACM-2211)\n* Vsphere cluster shows Pod Security admission controller warnings\n(ACM-2256)\n* Cannot use submariner with OSP and self signed certs (ACM-2274)\n* Subctl diagnose tests spawn nettest image with wrong tag nameing\nconvention (ACM-2387)\n* Subctl 0.14.1 prints version \"devel\" (ACM-2482)\n\n3. Solution:\n\nFor details on how to install Submariner, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console\n\nand\n\nhttps://submariner.io/getting-started/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig\n2097381 - [Submariner] - Fails to increase gateway amount after deployment\n2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command\n2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL\n2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack\n2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff\n2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console\n2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner)\nACM-2055 - Submariner gateway: Error creating AWS security group if already exists\nACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner\nACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention\nACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check\nACM-2132 - Subctl 0.14.0 prints version \"vsubctl\"\nACM-2145 - managedclusters \"local-cluster\" not found and missing Submariner Broker CRD\nACM-2150 - Add support of ARO to Submariner deployment\nACM-2204 - [Submariner] - e2e tests execution fails for \"Basic TCP connectivity\" tests\nACM-2206 - [Submariner] - Gateway error shown \"diagnose all\" tests\nACM-2211 - [Submariner] - Submariner does not support cluster \"kube-proxy ipvs mode\"\nACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings\nACM-2274 - Cannot use submariner with OSP and self signed certs\nACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention\nACM-2482 - Subctl 0.14.1 prints version \"devel\"\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images\nAdvisory ID: RHSA-2022:8964-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:8964\nIssue date: 2022-12-13\nCVE Names: CVE-2016-3709 CVE-2022-1304 CVE-2022-3782\n CVE-2022-3916 CVE-2022-22624 CVE-2022-22628\n CVE-2022-22629 CVE-2022-22662 CVE-2022-26700\n CVE-2022-26709 CVE-2022-26710 CVE-2022-26716\n CVE-2022-26717 CVE-2022-26719 CVE-2022-27404\n CVE-2022-27405 CVE-2022-27406 CVE-2022-30293\n CVE-2022-37434 CVE-2022-42898\n====================================================================\n1. Summary:\n\nUpdated rh-sso-7/sso76-openshift-rhel8 container image and\nrh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based\nMiddleware Containers. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Description:\n\nThe rh-sso-7/sso76-openshift-rhel8 container image and\nrh-sso-7/sso7-rhel8-operator operator has been updated for RHEL-8 based\nMiddleware Containers to address the following security issues. \n\nSecurity Fix(es):\n\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n\n* keycloak: Session takeover with OIDC offline refreshtokens\n(CVE-2022-3916)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nUsers of rh-sso-7/sso76-openshift-rhel8 container images and\nrh-sso-7/sso7-rhel8-operator operator are advised to upgrade to these\nupdated images, which contain backported patches to correct these security\nissues, fix these bugs and add these enhancements. Users of these images\nare also encouraged to rebuild all container images that depend on these\nimages. \n\nYou can find images updated by this advisory in Red Hat Container Catalog\n(see References). \n\n3. Solution:\n\nThe RHEL-8 based Middleware Containers container image provided by this\nupdate can be downloaded from the Red Hat Container Registry at\nregistry.access.redhat.com. Installation instructions for your platform are\navailable at Red Hat Container Catalog (see References). \n\nDockerfiles and scripts should be amended either to refer to this new image\nspecifically, or to the latest image generally. \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2138971 - CVE-2022-3782 keycloak: path traversal via double URL encoding\n2141404 - CVE-2022-3916 keycloak: Session takeover with OIDC offline refreshtokens\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nCIAM-4412 - Build new OCP image for rh-sso-7/sso76-openshift-rhel8\nCIAM-4413 - Generate new operator bundle image for this patch\n\n6. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-3709\nhttps://access.redhat.com/security/cve/CVE-2022-1304\nhttps://access.redhat.com/security/cve/CVE-2022-3782\nhttps://access.redhat.com/security/cve/CVE-2022-3916\nhttps://access.redhat.com/security/cve/CVE-2022-22624\nhttps://access.redhat.com/security/cve/CVE-2022-22628\nhttps://access.redhat.com/security/cve/CVE-2022-22629\nhttps://access.redhat.com/security/cve/CVE-2022-22662\nhttps://access.redhat.com/security/cve/CVE-2022-26700\nhttps://access.redhat.com/security/cve/CVE-2022-26709\nhttps://access.redhat.com/security/cve/CVE-2022-26710\nhttps://access.redhat.com/security/cve/CVE-2022-26716\nhttps://access.redhat.com/security/cve/CVE-2022-26717\nhttps://access.redhat.com/security/cve/CVE-2022-26719\nhttps://access.redhat.com/security/cve/CVE-2022-27404\nhttps://access.redhat.com/security/cve/CVE-2022-27405\nhttps://access.redhat.com/security/cve/CVE-2022-27406\nhttps://access.redhat.com/security/cve/CVE-2022-30293\nhttps://access.redhat.com/security/cve/CVE-2022-37434\nhttps://access.redhat.com/security/cve/CVE-2022-42898\nhttps://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/rh-sso-7/sso76-openshift-rhel8\nhttps://access.redhat.com/security/updates/classification/#important\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. Summary:\n\nAn update is now available for Logging subsystem for Red Hat OpenShift 5.4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects\n2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags\n2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-3250 - [release-5.4] FluentdQueueLengthIncreasing rule failing to be evaluated. \nLOG-3252 - [release-5.4]Adding Valid Subscription Annotation\n\n6. Description:\n\nService Binding manages the data plane for applications and backing\nservices. Bugs fixed (https://bugzilla.redhat.com/):\n\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5", "sources": [ { "db": "NVD", "id": "CVE-2022-22624" }, { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "VULHUB", "id": "VHN-411252" }, { "db": "VULMON", "id": "CVE-2022-22624" }, { "db": "PACKETSTORM", "id": "169243" }, { "db": "PACKETSTORM", "id": "166318" }, { "db": "PACKETSTORM", "id": "170898" }, { "db": "PACKETSTORM", "id": "170210" }, { "db": "PACKETSTORM", "id": "169920" }, { "db": "PACKETSTORM", "id": "171127" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-22624", "trust": 4.0 }, { "db": "PACKETSTORM", "id": "170210", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "169920", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-018496", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "169889", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "170956", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168226", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "169760", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "170806", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "166317", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022031439", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022042820", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022041915", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022031602", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "166889", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.6434", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.0818", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.1467", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.6290", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202203-1259", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "166318", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "170898", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "166316", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "171026", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "171144", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-411252", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-22624", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169243", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "171127", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-411252" }, { "db": "VULMON", "id": "CVE-2022-22624" }, { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "PACKETSTORM", "id": "169243" }, { "db": "PACKETSTORM", "id": "166318" }, { "db": "PACKETSTORM", "id": "170898" }, { "db": "PACKETSTORM", "id": "170210" }, { "db": "PACKETSTORM", "id": "169920" }, { "db": "PACKETSTORM", "id": "171127" }, { "db": "CNNVD", "id": "CNNVD-202203-1259" }, { "db": "NVD", "id": "CVE-2022-22624" } ] }, "id": "VAR-202203-0111", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-411252" } ], "trust": 0.01 }, "last_update_date": "2024-11-29T21:44:01.181000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT213186 Apple\u00a0 Security update", "trust": 0.8, "url": "https://support.apple.com/en-us/HT213182" }, { "title": "Multiple Apple product Remediation of resource management error vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=208977" }, { "title": "Debian Security Advisories: DSA-5115-1 webkit2gtk -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=402293ed3f2cdd93315804311726c6ba" }, { "title": "Debian Security Advisories: DSA-5116-1 wpewebkit -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=ed0e5704d3f401ded3b048d93f219bb2" }, { "title": "Arch Linux Issues: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-22624" }, { "title": "Apple: iOS 15.4 and iPadOS 15.4", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=14b60b166a667fc4faf52d81847a180a" }, { "title": "Apple: macOS Monterey 12.3", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=f1105c4a20da11497b610b14a1668180" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-22624" }, { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "CNNVD", "id": "CNNVD-202203-1259" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.1 }, { "problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-411252" }, { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "NVD", "id": "CVE-2022-22624" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://support.apple.com/en-us/ht213182" }, { "trust": 2.3, "url": "https://support.apple.com/en-us/ht213187" }, { "trust": 1.7, "url": "https://support.apple.com/en-us/ht213183" }, { "trust": 1.7, "url": "https://support.apple.com/en-us/ht213186" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22624" }, { "trust": 1.0, "url": "https://access.redhat.com/security/cve/cve-2022-22624" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22629" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22628" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/170210/red-hat-security-advisory-2022-8964-01.html" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022031439" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/170806/red-hat-security-advisory-2023-0542-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168226/gentoo-linux-security-advisory-202208-39.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169920/red-hat-security-advisory-2022-7435-01.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-22624/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.1467" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/166889/ubuntu-security-notice-usn-5394-1.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.6290" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022042820" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/webkitgtk-wpe-webkit-four-vulnerabilities-38003" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169889/red-hat-security-advisory-2022-8054-01.html" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022041915" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/apple-ios-macos-multiple-vulnerabilities-37800" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/166317/apple-security-advisory-2022-03-14-1.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.6434" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022031602" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0818" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/170956/red-hat-security-advisory-2023-0709-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169760/red-hat-security-advisory-2022-7704-01.html" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22662" }, { "trust": 0.4, "url": "https://issues.jboss.org/):" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26700" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-22662" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-22629" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-30293" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26710" }, { "trust": 0.4, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.4, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26709" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-1304" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1304" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-26716" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-26717" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-26719" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-26709" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-26700" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-22628" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2022-26710" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-3709" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2022-37434" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2016-3709" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2022-42898" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26716" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-46848" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35525" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-40303" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-2509" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-40304" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-35737" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-3515" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-35527" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-40674" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-46848" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35527" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-35525" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-41717" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2509" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26719" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26717" }, { "trust": 0.1, "url": "https://www.debian.org/security/2022/dsa-5115" }, { "trust": 0.1, "url": "https://www.debian.org/security/2022/dsa-5116" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/webkit2gtk" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22609" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22612" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22610" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22670" }, { "trust": 0.1, "url": "https://support.apple.com/en-us/ht201222." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22637" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22666" }, { "trust": 0.1, "url": "https://support.apple.com/kb/ht204641" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22613" }, { "trust": 0.1, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22633" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22654" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22621" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22618" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22600" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-36976" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22640" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22599" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22638" }, { "trust": 0.1, "url": "https://support.apple.com/ht213193." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22611" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22632" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22615" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22596" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22614" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2601" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-3775" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-3821" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-2601" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-43680" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-27664" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-30699" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-41715" }, { "trust": 0.1, "url": "https://submariner.io/." }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-42012" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-30698" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-41974" }, { "trust": 0.1, "url": "https://submariner.io/getting-started/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-42010" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-2880" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-42011" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0631" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-3787" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-27404" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27404" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-3782" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-3916" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27405" }, { "trust": 0.1, "url": "https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/rh-sso-7/sso76-openshift-rhel8" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-27405" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-27406" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:8964" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-42004" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:7435" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-36518" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-32149" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-42003" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36518" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0918" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-35737" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-47629" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30293" } ], "sources": [ { "db": "VULHUB", "id": "VHN-411252" }, { "db": "VULMON", "id": "CVE-2022-22624" }, { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "PACKETSTORM", "id": "169243" }, { "db": "PACKETSTORM", "id": "166318" }, { "db": "PACKETSTORM", "id": "170898" }, { "db": "PACKETSTORM", "id": "170210" }, { "db": "PACKETSTORM", "id": "169920" }, { "db": "PACKETSTORM", "id": "171127" }, { "db": "CNNVD", "id": "CNNVD-202203-1259" }, { "db": "NVD", "id": "CVE-2022-22624" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-411252" }, { "db": "VULMON", "id": "CVE-2022-22624" }, { "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "db": "PACKETSTORM", "id": "169243" }, { "db": "PACKETSTORM", "id": "166318" }, { "db": "PACKETSTORM", "id": "170898" }, { "db": "PACKETSTORM", "id": "170210" }, { "db": "PACKETSTORM", "id": "169920" }, { "db": "PACKETSTORM", "id": "171127" }, { "db": "CNNVD", "id": "CNNVD-202203-1259" }, { "db": "NVD", "id": "CVE-2022-22624" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-23T00:00:00", "db": "VULHUB", "id": "VHN-411252" }, { "date": "2023-10-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "date": "2022-04-28T19:12:00", "db": "PACKETSTORM", "id": "169243" }, { "date": "2022-03-15T15:48:26", "db": "PACKETSTORM", "id": "166318" }, { "date": "2023-02-08T16:00:47", "db": "PACKETSTORM", "id": "170898" }, { "date": "2022-12-13T17:16:20", "db": "PACKETSTORM", "id": "170210" }, { "date": "2022-11-17T13:23:05", "db": "PACKETSTORM", "id": "169920" }, { "date": "2023-02-27T14:51:11", "db": "PACKETSTORM", "id": "171127" }, { "date": "2022-03-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-1259" }, { "date": "2022-09-23T19:15:10.877000", "db": "NVD", "id": "CVE-2022-22624" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-28T00:00:00", "db": "VULHUB", "id": "VHN-411252" }, { "date": "2023-10-20T03:20:00", "db": "JVNDB", "id": "JVNDB-2022-018496" }, { "date": "2023-03-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-1259" }, { "date": "2022-09-28T12:03:19.697000", "db": "NVD", "id": "CVE-2022-22624" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1259" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Freed memory usage vulnerability in multiple Apple products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-018496" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1259" } ], "trust": 0.6 } }
rhsa-2022:8054
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:8054", "url": "https://access.redhat.com/errata/RHSA-2022:8054" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index" }, { "category": "external", "summary": "2061996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061996" }, { "category": "external", "summary": "2073893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893" }, { "category": "external", "summary": "2073896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896" }, { "category": "external", "summary": "2073899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899" }, { "category": "external", "summary": "2082548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548" }, { "category": "external", "summary": "2092732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732" }, { "category": "external", "summary": "2092733", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733" }, { "category": "external", "summary": "2092734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734" }, { "category": "external", "summary": "2092735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735" }, { "category": "external", "summary": "2092736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736" }, { "category": "external", "summary": "2104787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787" }, { "category": "external", "summary": "2104789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8054.json" } ], "title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T19:07:05+00:00", "generator": { "date": "2024-11-22T19:07:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:8054", "initial_release_date": "2022-11-15T13:26:22+00:00", "revision_history": [ { "date": "2022-11-15T13:26:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-11-15T13:26:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T19:07:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.src", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.src", "product_id": "webkit2gtk3-0:2.36.7-1.el9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.src", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-22624", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073893" } ], "notes": [ { "category": "description", "text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22624" }, { "category": "external", "summary": "RHBZ#2073893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-22628", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073896" } ], "notes": [ { "category": "description", "text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22628" }, { "category": "external", "summary": "RHBZ#2073896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22628" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-22629", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2022-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073899" } ], "notes": [ { "category": "description", "text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Buffer overflow leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22629" }, { "category": "external", "summary": "RHBZ#2073899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Buffer overflow leading to arbitrary code execution" }, { "cve": "CVE-2022-22662", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2104787" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22662" }, { "category": "external", "summary": "RHBZ#2104787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22662" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0006.html", "url": "https://webkitgtk.org/security/WSA-2022-0006.html" } ], "release_date": "2022-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure" }, { "cve": "CVE-2022-26700", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092732" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26700" }, { "category": "external", "summary": "RHBZ#2092732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26700" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Memory corruption issue leading to arbitrary code execution" }, { "cve": "CVE-2022-26709", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-06-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092733" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26709" }, { "category": "external", "summary": "RHBZ#2092733", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26709", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26709" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-26710", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2104789" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26710" }, { "category": "external", "summary": "RHBZ#2104789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26710", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26710" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0006.html", "url": "https://webkitgtk.org/security/WSA-2022-0006.html" } ], "release_date": "2022-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-26716", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092734" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26716" }, { "category": "external", "summary": "RHBZ#2092734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26716", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26716" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Memory corruption issue leading to arbitrary code execution" }, { "cve": "CVE-2022-26717", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-06-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092735" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26717" }, { "category": "external", "summary": "RHBZ#2092735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-26719", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092736" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26719" }, { "category": "external", "summary": "RHBZ#2092736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26719", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Memory corruption issue leading to arbitrary code execution" }, { "cve": "CVE-2022-30293", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-05-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2082548" } ], "notes": [ { "category": "description", "text": "A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-30293" }, { "category": "external", "summary": "RHBZ#2082548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30293", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30293" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293" } ], "release_date": "2022-05-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution" }, { "cve": "CVE-2022-32792", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2023-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2238973" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32792" }, { "category": "external", "summary": "RHBZ#2238973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238973" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32792", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32792" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792" }, { "category": "external", "summary": "https://wpewebkit.org/security/WSA-2022-0007.html", "url": "https://wpewebkit.org/security/WSA-2022-0007.html" } ], "release_date": "2022-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution" }, { "cve": "CVE-2022-32816", "discovery_date": "2023-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2238975" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: malicious content may lead to UI spoofing", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32816" }, { "category": "external", "summary": "RHBZ#2238975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238975" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32816", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32816" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816" }, { "category": "external", "summary": "https://wpewebkit.org/security/WSA-2022-0007.html", "url": "https://wpewebkit.org/security/WSA-2022-0007.html" } ], "release_date": "2022-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: malicious content may lead to UI spoofing" }, { "cve": "CVE-2022-32891", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2022-09-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2128647" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: UI spoofing while Visiting a website that frames malicious content", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32891" }, { "category": "external", "summary": "RHBZ#2128647", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128647" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32891", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32891" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0009.html", "url": "https://webkitgtk.org/security/WSA-2022-0009.html" } ], "release_date": "2022-09-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: UI spoofing while Visiting a website that frames malicious content" } ] }
rhsa-2022:7704
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nGLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:7704", "url": "https://access.redhat.com/errata/RHSA-2022:7704" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index" }, { "category": "external", "summary": "2061994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061994" }, { "category": "external", "summary": "2073893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893" }, { "category": "external", "summary": "2073896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896" }, { "category": "external", "summary": "2073899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899" }, { "category": "external", "summary": "2082548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548" }, { "category": "external", "summary": "2092732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732" }, { "category": "external", "summary": "2092733", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733" }, { "category": "external", "summary": "2092734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734" }, { "category": "external", "summary": "2092735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735" }, { "category": "external", "summary": "2092736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736" }, { "category": "external", "summary": "2099334", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099334" }, { "category": "external", "summary": "2104787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787" }, { "category": "external", "summary": "2104789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7704.json" } ], "title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T19:06:55+00:00", "generator": { "date": "2024-11-22T19:06:55+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:7704", "initial_release_date": "2022-11-08T09:56:52+00:00", "revision_history": [ { "date": "2022-11-08T09:56:52+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-11-08T09:56:52+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T19:06:55+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } }, { "category": "product_name", "name": "Red Hat CodeReady Linux Builder (v. 8)", "product": { "name": "Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::crb" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "glib2-0:2.56.4-159.el8.src", "product": { "name": "glib2-0:2.56.4-159.el8.src", "product_id": "glib2-0:2.56.4-159.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=src" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el8.src", "product": { "name": "webkit2gtk3-0:2.36.7-1.el8.src", "product_id": "webkit2gtk3-0:2.36.7-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "glib2-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-0:2.56.4-159.el8.aarch64", "product_id": "glib2-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-devel-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-devel-0:2.56.4-159.el8.aarch64", "product_id": "glib2-devel-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-fam-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-fam-0:2.56.4-159.el8.aarch64", "product_id": "glib2-fam-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-tests-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-tests-0:2.56.4-159.el8.aarch64", "product_id": "glib2-tests-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-debugsource-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-debugsource-0:2.56.4-159.el8.aarch64", "product_id": "glib2-debugsource-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64", "product_id": "glib2-debuginfo-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "glib2-static-0:2.56.4-159.el8.aarch64", "product": { "name": "glib2-static-0:2.56.4-159.el8.aarch64", "product_id": "glib2-static-0:2.56.4-159.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "glib2-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-devel-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-devel-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-devel-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-fam-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-fam-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-fam-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-tests-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-tests-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-tests-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-debugsource-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "glib2-static-0:2.56.4-159.el8.ppc64le", "product": { "name": "glib2-static-0:2.56.4-159.el8.ppc64le", "product_id": "glib2-static-0:2.56.4-159.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "glib2-0:2.56.4-159.el8.i686", "product": { "name": "glib2-0:2.56.4-159.el8.i686", "product_id": "glib2-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-devel-0:2.56.4-159.el8.i686", "product": { "name": "glib2-devel-0:2.56.4-159.el8.i686", "product_id": "glib2-devel-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-debugsource-0:2.56.4-159.el8.i686", "product": { "name": "glib2-debugsource-0:2.56.4-159.el8.i686", "product_id": "glib2-debugsource-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-debuginfo-0:2.56.4-159.el8.i686", "product": { "name": "glib2-debuginfo-0:2.56.4-159.el8.i686", "product_id": "glib2-debuginfo-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "product": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "product": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "product": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "glib2-static-0:2.56.4-159.el8.i686", "product": { "name": "glib2-static-0:2.56.4-159.el8.i686", "product_id": "glib2-static-0:2.56.4-159.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "glib2-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-0:2.56.4-159.el8.x86_64", "product_id": "glib2-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-devel-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-devel-0:2.56.4-159.el8.x86_64", "product_id": "glib2-devel-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-fam-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-fam-0:2.56.4-159.el8.x86_64", "product_id": "glib2-fam-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-tests-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-tests-0:2.56.4-159.el8.x86_64", "product_id": "glib2-tests-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-debugsource-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-debugsource-0:2.56.4-159.el8.x86_64", "product_id": "glib2-debugsource-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64", "product_id": "glib2-debuginfo-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "glib2-static-0:2.56.4-159.el8.x86_64", "product": { "name": "glib2-static-0:2.56.4-159.el8.x86_64", "product_id": "glib2-static-0:2.56.4-159.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "glib2-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-0:2.56.4-159.el8.s390x", "product_id": "glib2-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-devel-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-devel-0:2.56.4-159.el8.s390x", "product_id": "glib2-devel-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-fam-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-fam-0:2.56.4-159.el8.s390x", "product_id": "glib2-fam-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-tests-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-tests-0:2.56.4-159.el8.s390x", "product_id": "glib2-tests-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-debugsource-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-debugsource-0:2.56.4-159.el8.s390x", "product_id": "glib2-debugsource-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-debuginfo-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-debuginfo-0:2.56.4-159.el8.s390x", "product_id": "glib2-debuginfo-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "glib2-static-0:2.56.4-159.el8.s390x", "product": { "name": "glib2-static-0:2.56.4-159.el8.s390x", "product_id": "glib2-static-0:2.56.4-159.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "glib2-doc-0:2.56.4-159.el8.noarch", "product": { "name": "glib2-doc-0:2.56.4-159.el8.noarch", "product_id": "glib2-doc-0:2.56.4-159.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glib2-doc@2.56.4-159.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el8.src", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "relates_to_product_reference": "AppStream-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src" }, "product_reference": "glib2-0:2.56.4-159.el8.src", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-doc-0:2.56.4-159.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch" }, "product_reference": "glib2-doc-0:2.56.4-159.el8.noarch", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-static-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-static-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-static-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-static-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-static-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "BaseOS-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src" }, "product_reference": "glib2-0:2.56.4-159.el8.src", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-debugsource-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-debugsource-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-devel-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-doc-0:2.56.4-159.el8.noarch as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch" }, "product_reference": "glib2-doc-0:2.56.4-159.el8.noarch", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-fam-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-static-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-static-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-static-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-static-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-static-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-static-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-tests-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "relates_to_product_reference": "CRB-8.7.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" }, "product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "relates_to_product_reference": "CRB-8.7.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-22624", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-04-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073893" } ], "notes": [ { "category": "description", "text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22624" }, { "category": "external", "summary": "RHBZ#2073893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-22628", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-04-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073896" } ], "notes": [ { "category": "description", "text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22628" }, { "category": "external", "summary": "RHBZ#2073896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22628" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-22629", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2022-04-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073899" } ], "notes": [ { "category": "description", "text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Buffer overflow leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22629" }, { "category": "external", "summary": "RHBZ#2073899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Buffer overflow leading to arbitrary code execution" }, { "cve": "CVE-2022-22662", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2022-07-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2104787" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22662" }, { "category": "external", "summary": "RHBZ#2104787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22662" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0006.html", "url": "https://webkitgtk.org/security/WSA-2022-0006.html" } ], "release_date": "2022-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure" }, { "cve": "CVE-2022-26700", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092732" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26700" }, { "category": "external", "summary": "RHBZ#2092732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26700" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Memory corruption issue leading to arbitrary code execution" }, { "cve": "CVE-2022-26709", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092733" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26709" }, { "category": "external", "summary": "RHBZ#2092733", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26709", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26709" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-26710", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-07-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2104789" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26710" }, { "category": "external", "summary": "RHBZ#2104789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26710", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26710" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0006.html", "url": "https://webkitgtk.org/security/WSA-2022-0006.html" } ], "release_date": "2022-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-26716", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092734" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26716" }, { "category": "external", "summary": "RHBZ#2092734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26716", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26716" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Memory corruption issue leading to arbitrary code execution" }, { "cve": "CVE-2022-26717", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092735" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26717" }, { "category": "external", "summary": "RHBZ#2092735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-26719", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092736" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26719" }, { "category": "external", "summary": "RHBZ#2092736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26719", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Memory corruption issue leading to arbitrary code execution" }, { "cve": "CVE-2022-30293", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-05-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2082548" } ], "notes": [ { "category": "description", "text": "A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "known_not_affected": [ "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-30293" }, { "category": "external", "summary": "RHBZ#2082548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30293", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30293" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293" } ], "release_date": "2022-05-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution" }, { "cve": "CVE-2022-32792", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2023-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2238973" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32792" }, { "category": "external", "summary": "RHBZ#2238973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238973" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32792", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32792" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792" }, { "category": "external", "summary": "https://wpewebkit.org/security/WSA-2022-0007.html", "url": "https://wpewebkit.org/security/WSA-2022-0007.html" } ], "release_date": "2022-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution" }, { "cve": "CVE-2022-32816", "discovery_date": "2023-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2238975" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: malicious content may lead to UI spoofing", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32816" }, { "category": "external", "summary": "RHBZ#2238975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238975" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32816", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32816" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816" }, { "category": "external", "summary": "https://wpewebkit.org/security/WSA-2022-0007.html", "url": "https://wpewebkit.org/security/WSA-2022-0007.html" } ], "release_date": "2022-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: malicious content may lead to UI spoofing" }, { "cve": "CVE-2022-32891", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2022-09-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2128647" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: UI spoofing while Visiting a website that frames malicious content", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32891" }, { "category": "external", "summary": "RHBZ#2128647", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128647" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32891", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32891" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0009.html", "url": "https://webkitgtk.org/security/WSA-2022-0009.html" } ], "release_date": "2022-09-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-08T09:56:52+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:7704" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src", "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x", "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src", "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x", "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: UI spoofing while Visiting a website that frames malicious content" } ] }
RHSA-2022:8054
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:8054", "url": "https://access.redhat.com/errata/RHSA-2022:8054" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index" }, { "category": "external", "summary": "2061996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061996" }, { "category": "external", "summary": "2073893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893" }, { "category": "external", "summary": "2073896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896" }, { "category": "external", "summary": "2073899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899" }, { "category": "external", "summary": "2082548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548" }, { "category": "external", "summary": "2092732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732" }, { "category": "external", "summary": "2092733", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733" }, { "category": "external", "summary": "2092734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734" }, { "category": "external", "summary": "2092735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735" }, { "category": "external", "summary": "2092736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736" }, { "category": "external", "summary": "2104787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787" }, { "category": "external", "summary": "2104789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8054.json" } ], "title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T19:07:05+00:00", "generator": { "date": "2024-11-22T19:07:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:8054", "initial_release_date": "2022-11-15T13:26:22+00:00", "revision_history": [ { "date": "2022-11-15T13:26:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-11-15T13:26:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T19:07:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.src", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.src", "product_id": "webkit2gtk3-0:2.36.7-1.el9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=aarch64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=ppc64le" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=s390x" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "product": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.src", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "relates_to_product_reference": "AppStream-9.1.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64", "relates_to_product_reference": "AppStream-9.1.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-22624", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073893" } ], "notes": [ { "category": "description", "text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22624" }, { "category": "external", "summary": "RHBZ#2073893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-22628", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073896" } ], "notes": [ { "category": "description", "text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Use-after-free leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22628" }, { "category": "external", "summary": "RHBZ#2073896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22628" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Use-after-free leading to arbitrary code execution" }, { "cve": "CVE-2022-22629", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2022-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2073899" } ], "notes": [ { "category": "description", "text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Buffer overflow leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22629" }, { "category": "external", "summary": "RHBZ#2073899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629" } ], "release_date": "2022-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Buffer overflow leading to arbitrary code execution" }, { "cve": "CVE-2022-22662", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2022-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2104787" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-22662" }, { "category": "external", "summary": "RHBZ#2104787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22662" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0006.html", "url": "https://webkitgtk.org/security/WSA-2022-0006.html" } ], "release_date": "2022-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure" }, { "cve": "CVE-2022-26700", "cwe": { "id": "CWE-1173", "name": "Improper Use of Validation Framework" }, "discovery_date": "2022-06-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092732" } ], "notes": [ { "category": "description", "text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "webkitgtk: Memory corruption issue leading to arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-26700" }, { "category": "external", "summary": "RHBZ#2092732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700", "url": "https://www.cve.org/CVERecord?id=CVE-2022-26700" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700" }, { "category": "external", "summary": "https://webkitgtk.org/security/WSA-2022-0005.html", "url": "https://webkitgtk.org/security/WSA-2022-0005.html" } ], "release_date": "2022-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-11-15T13:26:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8054" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src", "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x", "AppStream-9.1.0.GA:webkit2gtk3-jsc-0: