A flaw was found in WebKitGTK+ before version 2.20.1. A memory corruption issue when processing maliciously crafted web content may lead to arbitrary code execution. References: https://webkitgtk.org/security/WSA-2018-0004.html
Created mingw-webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 1577375] Created mingw-webkitgtk3 tracking bugs for this issue: Affects: fedora-all [bug 1577380] Created webkitgtk tracking bugs for this issue: Affects: epel-all [bug 1577378] Affects: fedora-all [bug 1577377] Created webkitgtk4 tracking bugs for this issue: Affects: fedora-all [bug 1577379]
Upstream bug report: https://bugs.chromium.org/p/project-zero/issues/detail?id=1522
(In reply to Huzaifa S. Sidhpurwala from comment #4) > Upstream bug report: > https://bugs.chromium.org/p/project-zero/issues/detail?id=1522 That issue has a different CVE identifier. The upstream report we have on record is https://bugs.webkit.org/show_bug.cgi?id=183657.