vulnerability
SUSE: CVE-2021-21806: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | 2021-07-08 | 2021-10-06 | 2022-10-26 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
2021-07-08
Added
2021-10-06
Modified
2022-10-26
Description
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
Solution(s)
suse-upgrade-libjavascriptcoregtk-4_0-18suse-upgrade-libjavascriptcoregtk-4_0-18-32bitsuse-upgrade-libjavascriptcoregtk-4_1-0suse-upgrade-libjavascriptcoregtk-5_0-0suse-upgrade-libwebkit2gtk-4_0-37suse-upgrade-libwebkit2gtk-4_0-37-32bitsuse-upgrade-libwebkit2gtk-4_1-0suse-upgrade-libwebkit2gtk-5_0-0suse-upgrade-libwebkit2gtk3-langsuse-upgrade-typelib-1_0-javascriptcore-4_0suse-upgrade-typelib-1_0-javascriptcore-4_1suse-upgrade-typelib-1_0-javascriptcore-5_0suse-upgrade-typelib-1_0-webkit2-4_0suse-upgrade-typelib-1_0-webkit2-4_1suse-upgrade-typelib-1_0-webkit2-5_0suse-upgrade-typelib-1_0-webkit2webextension-4_0suse-upgrade-typelib-1_0-webkit2webextension-4_1suse-upgrade-webkit-jsc-4suse-upgrade-webkit2gtk-4-1-langsuse-upgrade-webkit2gtk-4_0-injected-bundlessuse-upgrade-webkit2gtk-4_1-injected-bundlessuse-upgrade-webkit2gtk-5-0-langsuse-upgrade-webkit2gtk-5_0-injected-bundlessuse-upgrade-webkit2gtk3-develsuse-upgrade-webkit2gtk3-minibrowsersuse-upgrade-webkit2gtk3-soup2-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.