Date: Tue, 20 Sep 2022 14:19:08 +0200 From: Carlos Alberto Lopez Perez <clopez@...lia.com> To: webkit-gtk@...ts.webkit.org, webkit-wpe@...ts.webkit.org Cc: security@...kit.org, distributor-list@...me.org, oss-security@...ts.openwall.com, bugtraq@...urityfocus.com Subject: Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0009 On 19/09/2022 14:44, Carlos Alberto Lopez Perez wrote: > CVE-2022-32912 > Versions affected: WebKitGTK and WPE WebKit before 2.36.8. > Credit to Jeonghoon Shin (@singi21a) at Theori working with Trend > Micro Zero Day Initiative. > Impact: Processing maliciously crafted web content may lead to > arbitrary code execution. Description: An out-of-bounds read was > addressed with improved bounds checking. Just an update about this CVE: This issue doesn't affect Linux builds. Only MacOS builds are affected by this.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.