[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2017:2933-1":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-07T21:11:43.830Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":94,"duplicates":95,"related":96,"reserved_at":9,"published_at":137,"modified_at":138,"state":9,"summary":139,"references_raw":141,"kevs":326,"epss":9,"epss_history":327,"metrics":328,"affected":329},"SUSE-SU-2017:2933-1","Security update for webkit2gtk3\n\nThis update for webkit2gtk3 to version 2.18.0 fixes the following issues:\n\nThese security issues were fixed:\n\n- CVE-2017-7039: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7018: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7030: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7037: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7034: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7055: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7056: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7064: An issue was fixed that allowed remote attackers to bypass\n  intended memory-read restrictions via a crafted app (bsc#1050469).\n- CVE-2017-7061: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7048: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1050469).\n- CVE-2017-7046: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1050469).\n- CVE-2017-2538: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site (bsc#1045460)\n- CVE-2017-2496: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site.\n- CVE-2017-2539: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and application\n  crash) via a crafted web site.\n- CVE-2017-2510: An issue was fixed that allowed remote attackers to conduct\n  Universal XSS (UXSS) attacks via a crafted web site that improperly\n  interacts with pageshow events.\n- CVE-2017-2365: An issue was fixed that allowed remote attackers to bypass the\n  Same Origin Policy and obtain sensitive information via a crafted web\n  site (bsc#1024749)\n- CVE-2017-2366: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1024749)\n- CVE-2017-2373: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1024749)\n- CVE-2017-2363: An issue was fixed that allowed remote attackers to bypass the\n  Same Origin Policy and obtain sensitive information via a crafted web\n  site (bsc#1024749)\n- CVE-2017-2362: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1024749)\n- CVE-2017-2350: An issue was fixed that allowed remote attackers to bypass the\n  Same Origin Policy and obtain sensitive information via a crafted web\n  site (bsc#1024749)\n- CVE-2017-2350: An issue was fixed that allowed remote attackers to bypass the\n  Same Origin Policy and obtain sensitive information via a crafted web site\n  (bsc#1024749)\n- CVE-2017-2354: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1024749).\n- CVE-2017-2355: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (uninitialized memory\n  access and application crash) via a crafted web site (bsc#1024749)\n- CVE-2017-2356: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1024749)\n- CVE-2017-2371: An issue was fixed that allowed remote attackers to launch\n  popups via a crafted web site (bsc#1024749)\n- CVE-2017-2364: An issue was fixed that allowed remote attackers to bypass the\n  Same Origin Policy and obtain sensitive information via a crafted web\n  site (bsc#1024749)\n- CVE-2017-2369: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1024749)\n- CVE-2016-7656: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7635: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7654: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7639: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7645: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7652: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7641: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7632: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7599: An issue was fixed that allowed remote attackers to bypass the\n  Same Origin Policy and obtain sensitive information via a crafted web\n  site that used HTTP redirects (bsc#1020950)\n- CVE-2016-7592: An issue was fixed that allowed remote attackers to obtain\n  sensitive information via crafted JavaScript prompts on a web site (bsc#1020950)\n- CVE-2016-7589: An issue was fixed that allowed remote attackers to execute\n  arbitrary code or cause a denial of service (memory corruption and\n  application crash) via a crafted web site (bsc#1020950)\n- CVE-2016-7623: An issue was fixed that allowed remote attackers to obtain\n  sensitive information via a blob URL on a web site (bsc#1020950)\n- CVE-2016-7586: An issue was fixed that allowed remote attackers to obtain\n  sensitive information via a crafted web site (bsc#1020950)\n\nFor other non-security fixes please check the changelog.\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":15},"CVE-2016-7586",{"_key":17},"CVE-2016-7589",{"_key":19},"CVE-2016-7592",{"_key":21},"CVE-2016-7599",{"_key":23},"CVE-2016-7623",{"_key":25},"CVE-2016-7632",{"_key":27},"CVE-2016-7635",{"_key":29},"CVE-2016-7639",{"_key":31},"CVE-2016-7641",{"_key":33},"CVE-2016-7645",{"_key":35},"CVE-2016-7652",{"_key":37},"CVE-2016-7654",{"_key":39},"CVE-2016-7656",{"_key":41},"CVE-2017-2350",{"_key":43},"CVE-2017-2354",{"_key":45},"CVE-2017-2355",{"_key":47},"CVE-2017-2356",{"_key":49},"CVE-2017-2362",{"_key":51},"CVE-2017-2363",{"_key":53},"CVE-2017-2364",{"_key":55},"CVE-2017-2365",{"_key":57},"CVE-2017-2366",{"_key":59},"CVE-2017-2369",{"_key":61},"CVE-2017-2371",{"_key":63},"CVE-2017-2373",{"_key":65},"CVE-2017-2496",{"_key":67},"CVE-2017-2510",{"_key":69},"CVE-2017-2538",{"_key":71},"CVE-2017-2539",{"_key":73},"CVE-2017-7018",{"_key":75},"CVE-2017-7030",{"_key":77},"CVE-2017-7034",{"_key":79},"CVE-2017-7037",{"_key":81},"CVE-2017-7039",{"_key":83},"CVE-2017-7046",{"_key":85},"CVE-2017-7048",{"_key":87},"CVE-2017-7055",{"_key":89},"CVE-2017-7056",{"_key":91},"CVE-2017-7061",{"_key":93},"CVE-2017-7064",[],[],[97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},"2017-11-06T08:39:55Z","2026-02-04T04:40:35.494583Z",{"cisa_kev":140,"cisa_ransomware":140,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[142,148,153,157,161,165,170,174,178,182,186,190,194,198,202,206,210,214,218,222,226,230,234,238,242,246,250,254,258,262,266,270,274,278,282,286,290,294,298,302,306,310,314,318,322],{"url":143,"sources":144,"tags":146},"https://www.suse.com/support/update/announcement/2017/suse-su-20172933-1/",[145],"osv_suse",[147],"Advisory",{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/1020950",[145],[152],"REPORT",{"url":154,"sources":155,"tags":156},"https://bugzilla.suse.com/1024749",[145],[152],{"url":158,"sources":159,"tags":160},"https://bugzilla.suse.com/1045460",[145],[152],{"url":162,"sources":163,"tags":164},"https://bugzilla.suse.com/1050469",[145],[152],{"url":166,"sources":167,"tags":168},"https://www.suse.com/security/cve/CVE-2016-7586",[145],[169],"WEB",{"url":171,"sources":172,"tags":173},"https://www.suse.com/security/cve/CVE-2016-7589",[145],[169],{"url":175,"sources":176,"tags":177},"https://www.suse.com/security/cve/CVE-2016-7592",[145],[169],{"url":179,"sources":180,"tags":181},"https://www.suse.com/security/cve/CVE-2016-7599",[145],[169],{"url":183,"sources":184,"tags":185},"https://www.suse.com/security/cve/CVE-2016-7623",[145],[169],{"url":187,"sources":188,"tags":189},"https://www.suse.com/security/cve/CVE-2016-7632",[145],[169],{"url":191,"sources":192,"tags":193},"https://www.suse.com/security/cve/CVE-2016-7635",[145],[169],{"url":195,"sources":196,"tags":197},"https://www.suse.com/security/cve/CVE-2016-7639",[145],[169],{"url":199,"sources":200,"tags":201},"https://www.suse.com/security/cve/CVE-2016-7641",[145],[169],{"url":203,"sources":204,"tags":205},"https://www.suse.com/security/cve/CVE-2016-7645",[145],[169],{"url":207,"sources":208,"tags":209},"https://www.suse.com/security/cve/CVE-2016-7652",[145],[169],{"url":211,"sources":212,"tags":213},"https://www.suse.com/security/cve/CVE-2016-7654",[145],[169],{"url":215,"sources":216,"tags":217},"https://www.suse.com/security/cve/CVE-2016-7656",[145],[169],{"url":219,"sources":220,"tags":221},"https://www.suse.com/security/cve/CVE-2017-2350",[145],[169],{"url":223,"sources":224,"tags":225},"https://www.suse.com/security/cve/CVE-2017-2354",[145],[169],{"url":227,"sources":228,"tags":229},"https://www.suse.com/security/cve/CVE-2017-2355",[145],[169],{"url":231,"sources":232,"tags":233},"https://www.suse.com/security/cve/CVE-2017-2356",[145],[169],{"url":235,"sources":236,"tags":237},"https://www.suse.com/security/cve/CVE-2017-2362",[145],[169],{"url":239,"sources":240,"tags":241},"https://www.suse.com/security/cve/CVE-2017-2363",[145],[169],{"url":243,"sources":244,"tags":245},"https://www.suse.com/security/cve/CVE-2017-2364",[145],[169],{"url":247,"sources":248,"tags":249},"https://www.suse.com/security/cve/CVE-2017-2365",[145],[169],{"url":251,"sources":252,"tags":253},"https://www.suse.com/security/cve/CVE-2017-2366",[145],[169],{"url":255,"sources":256,"tags":257},"https://www.suse.com/security/cve/CVE-2017-2369",[145],[169],{"url":259,"sources":260,"tags":261},"https://www.suse.com/security/cve/CVE-2017-2371",[145],[169],{"url":263,"sources":264,"tags":265},"https://www.suse.com/security/cve/CVE-2017-2373",[145],[169],{"url":267,"sources":268,"tags":269},"https://www.suse.com/security/cve/CVE-2017-2496",[145],[169],{"url":271,"sources":272,"tags":273},"https://www.suse.com/security/cve/CVE-2017-2510",[145],[169],{"url":275,"sources":276,"tags":277},"https://www.suse.com/security/cve/CVE-2017-2538",[145],[169],{"url":279,"sources":280,"tags":281},"https://www.suse.com/security/cve/CVE-2017-2539",[145],[169],{"url":283,"sources":284,"tags":285},"https://www.suse.com/security/cve/CVE-2017-7018",[145],[169],{"url":287,"sources":288,"tags":289},"https://www.suse.com/security/cve/CVE-2017-7030",[145],[169],{"url":291,"sources":292,"tags":293},"https://www.suse.com/security/cve/CVE-2017-7034",[145],[169],{"url":295,"sources":296,"tags":297},"https://www.suse.com/security/cve/CVE-2017-7037",[145],[169],{"url":299,"sources":300,"tags":301},"https://www.suse.com/security/cve/CVE-2017-7039",[145],[169],{"url":303,"sources":304,"tags":305},"https://www.suse.com/security/cve/CVE-2017-7046",[145],[169],{"url":307,"sources":308,"tags":309},"https://www.suse.com/security/cve/CVE-2017-7048",[145],[169],{"url":311,"sources":312,"tags":313},"https://www.suse.com/security/cve/CVE-2017-7055",[145],[169],{"url":315,"sources":316,"tags":317},"https://www.suse.com/security/cve/CVE-2017-7056",[145],[169],{"url":319,"sources":320,"tags":321},"https://www.suse.com/security/cve/CVE-2017-7061",[145],[169],{"url":323,"sources":324,"tags":325},"https://www.suse.com/security/cve/CVE-2017-7064",[145],[169],[],[],[],[330,343,347,351,355,359,363,367,371,375,379],{"ecosystem":331,"name":332,"vendor":333,"product":334,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":334,"source":9,"versions":336},"SUSE Linux Enterprise","webkit2gtk3","suse","webkit2gtk3&distro=SUSE Linux Enterprise Desktop 12 SP2","rpm",[337],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},"lt2_18_0_2_9_1",true,"ecosystem","2.18.0-2.9.1","excluding",{"ecosystem":331,"name":332,"vendor":333,"product":344,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":344,"source":9,"versions":345},"webkit2gtk3&distro=SUSE Linux Enterprise Desktop 12 SP3",[346],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":348,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":348,"source":9,"versions":349},"webkit2gtk3&distro=SUSE Linux Enterprise Server 12 SP2",[350],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":352,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":352,"source":9,"versions":353},"webkit2gtk3&distro=SUSE Linux Enterprise Server 12 SP3",[354],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":356,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":356,"source":9,"versions":357},"webkit2gtk3&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",[358],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":360,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":360,"source":9,"versions":361},"webkit2gtk3&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[362],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":364,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":364,"source":9,"versions":365},"webkit2gtk3&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3",[366],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":368,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":368,"source":9,"versions":369},"webkit2gtk3&distro=SUSE Linux Enterprise Software Development Kit 12 SP2",[370],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":372,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":372,"source":9,"versions":373},"webkit2gtk3&distro=SUSE Linux Enterprise Software Development Kit 12 SP3",[374],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":376,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":376,"source":9,"versions":377},"webkit2gtk3&distro=SUSE Linux Enterprise Workstation Extension 12 SP2",[378],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9},{"ecosystem":331,"name":332,"vendor":333,"product":380,"cpe_part":9,"purl_type":335,"purl_namespace":333,"purl_name":380,"source":9,"versions":381},"webkit2gtk3&distro=SUSE Linux Enterprise Workstation Extension 12 SP3",[382],{"version":338,"is_range":339,"range_type":340,"version_start":9,"version_start_type":9,"version_end":341,"version_end_type":342,"fixed_in":9}]