openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:1944-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2024.1944.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:1944-1)
Resumen:	The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2024:1944-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2024:1944-1 advisory. Vulnerability Insight: This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 (bsc#1225071): - CVE-2024-23252: Fixed a vulnerability where processed web content may lead to a denial-of-service. (bsc#1222010) - CVE-2024-23254: Fixed a vulnerability where a malicious website may exfiltrate audio data cross-origin. (bsc#1222010) - CVE-2024-23263: Fixed a vulnerability where processed maliciously crafted web content may prevent Content Security Policy from being enforced. (bsc#1222010) - CVE-2024-23280: Fixed a vulnerability where a maliciously crafted webpage may be able to fingerprint the user. (bsc#1222010) - CVE-2024-23284: Fixed a vulnerability where processed maliciously crafted web content may prevent Content Security Policy from being enforced. (bsc#1222010) - CVE-2023-42950: Fixed a vulnerability where processed maliciously crafted web content may lead to arbitrary code execution. (bsc#1222010) - CVE-2023-42956: Fixed a vulnerability where processed web content may lead to a denial-of-service. (bsc#1222010) - CVE-2023-42843: Fixed a vulnerability where visiting a malicious website may lead to address bar spoofing. (bsc#1222010) - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. (bsc#1225071) Affected Software/OS: 'webkit2gtk3' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-42843 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ https://support.apple.com/en-us/HT213981 https://support.apple.com/en-us/HT213982 https://support.apple.com/en-us/HT213984 https://support.apple.com/en-us/HT213986 http://www.openwall.com/lists/oss-security/2024/03/26/1 Common Vulnerability Exposure (CVE) ID: CVE-2023-42950 https://support.apple.com/en-us/HT214035 https://support.apple.com/en-us/HT214036 https://support.apple.com/en-us/HT214039 https://support.apple.com/en-us/HT214040 https://support.apple.com/en-us/HT214041 Common Vulnerability Exposure (CVE) ID: CVE-2023-42956 Common Vulnerability Exposure (CVE) ID: CVE-2024-23252 Common Vulnerability Exposure (CVE) ID: CVE-2024-23254 http://seclists.org/fulldisclosure/2024/Mar/20 http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 http://seclists.org/fulldisclosure/2024/Mar/26 https://support.apple.com/en-us/HT214081 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214086 https://support.apple.com/en-us/HT214087 https://support.apple.com/en-us/HT214088 https://support.apple.com/en-us/HT214089 Common Vulnerability Exposure (CVE) ID: CVE-2024-23263 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ https://support.apple.com/en-us/HT214082 Common Vulnerability Exposure (CVE) ID: CVE-2024-23280 Common Vulnerability Exposure (CVE) ID: CVE-2024-23284 Common Vulnerability Exposure (CVE) ID: CVE-2024-27834 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/ http://seclists.org/fulldisclosure/2024/May/9 http://seclists.org/fulldisclosure/2024/May/10 http://seclists.org/fulldisclosure/2024/May/12 http://seclists.org/fulldisclosure/2024/May/16 http://seclists.org/fulldisclosure/2024/May/17 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214103 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 http://www.openwall.com/lists/oss-security/2024/05/21/1
Copyright	Copyright (C) 2025 Greenbone AG