Webkitgtk: >> Webkitgtk >> 1.2.6 Security Vulnerabilities
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.
CVSS Score
8.1
EPSS Score
0.024
Published
2019-01-14
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-03-10
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.
CVSS Score
8.8
EPSS Score
0.011
Published
2010-11-06
Page 5