Processing web content may lead to arbitrary code execution
Created webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 2223001]
Hi While triaging new CVEs w found this entry, but the details are very light. Can you share if this is something known upstream, if there is an upstream issue an fix, and wihch versions are affected by the issue? Regards, Salvatore
This is fixed in WebKitGTK 2.40.3 by https://github.com/WebKit/WebKit/commit/4f99c0670d2d91dbc51725a7af6909e186db1b07. That's all I know.
Um, sorry. It's fixed in 2.40.4. I'm off by one.
This flaw is currently fixed by the advisory: https://access.redhat.com/errata/RHSA-2023:4201 [rhel-9.2.z] https://access.redhat.com/errata/RHSA-2023:4202 [rhel-8.8.z]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-37450