SUSE-SU-2023:4558-1

Advisory lineage Upstream: 7 Downstream: 0
Published: 24 Nov 2023, 16:07
Last modified:04 Feb 2026, 04:27

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

24 Nov 2023, 16:07
Published
Vulnerability first disclosed
04 Feb 2026, 04:27
Last Modified
Vulnerability information updated

Description

Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: Update to version 2.42.2 (bsc#1217210): - CVE-2023-41983: Processing web content may lead to a denial-of-service. - CVE-2023-42852: Processing web content may lead to arbitrary code execution. Already previously fixed: - CVE-2022-32919: Visiting a website that frames malicious content may lead to UI spoofing (fixed already in 2.38.4). - CVE-2022-32933: A website may be able to track the websites a user visited in private browsing mode (fixed already in 2.38.0). - CVE-2022-46705: Visiting a malicious website may lead to address bar spoofing (fixed already in 2.38.4). - CVE-2022-46725: Visiting a malicious website may lead to address bar spoofing (fixed already in 2.38.4). - CVE-2023-32359: A user’s password may be read aloud by a text-to-speech accessibility feature (fixed already in 2.42.0). Bug fixes: - Disable DMABuf renderer for NVIDIA proprietary drivers (bsc#1216778).

Affected Systems

  • susewebkit2gtk3&distro=SUSE Enterprise Storage 7.1

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server 15 SP2-LTSS

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2

    < 2.42.2-150200.91.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3

    < 2.42.2-150200.91.1

References (10)