vulnerability
Oracle Linux: CVE-2023-42890: ELSA-2024-2126: webkit2gtk3 security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Dec 12, 2023 | May 7, 2024 | Dec 3, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Dec 12, 2023
Added
May 7, 2024
Modified
Dec 3, 2025
Description
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.
A flaw was found in WebKitGTK. This issue exists due to a boundary error when processing malicious HTML content in WebKit, which could result in memory corruption and arbitrary code execution on the target system.
A flaw was found in WebKitGTK. This issue exists due to a boundary error when processing malicious HTML content in WebKit, which could result in memory corruption and arbitrary code execution on the target system.
Solutions
oracle-linux-upgrade-webkit2gtk3oracle-linux-upgrade-webkit2gtk3-develoracle-linux-upgrade-webkit2gtk3-jscoracle-linux-upgrade-webkit2gtk3-jsc-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.