SUSE-SU-2024:0519-1

Advisory lineage Upstream: 6 Downstream: 0
Published: 15 Feb 2024, 16:52
Last modified:04 Feb 2026, 02:22

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

15 Feb 2024, 16:52
Published
Vulnerability first disclosed
04 Feb 2026, 02:22
Last Modified
Vulnerability information updated

Description

Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: Update to version 2.42.5 (bsc#1219604): - CVE-2024-23222: Fixed processing maliciously crafted web content that may have led to arbitrary code execution (bsc#1219113). - CVE-2024-23206: Fixed fingerprint user via maliciously crafted webpages (bsc#1219604). - CVE-2024-23213: Fixed processing web content that may have led to arbitrary code execution (bsc#1219604). - CVE-2023-40414: Fixed processing web content that may have led to arbitrary code execution (bsc#1219604). - CVE-2014-1745: Fixed denial-of-service or potentially disclose memory contents while processing maliciously crafted files (bsc#1219604). - CVE-2023-42833: Fixed processing web content that may have led to arbitrary code execution (bsc#1219604).

Affected Systems

  • susewebkit2gtk3&distro=SUSE Enterprise Storage 7.1

    < 2.42.5-150200.104.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

    < 2.42.5-150200.104.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

    < 2.42.5-150200.104.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server 15 SP2-LTSS

    < 2.42.5-150200.104.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

    < 2.42.5-150200.104.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2

    < 2.42.5-150200.104.1

  • susewebkit2gtk3&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3

    < 2.42.5-150200.104.1

References (9)