Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2021-1801: ELSA-2021-4381: GNOME security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Oracle Linux: CVE-2021-1801: ELSA-2021-4381: GNOME security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:C/A:N)

Published

03/22/2021

Created

11/19/2021

Added

11/17/2021

Modified

11/29/2024

Description

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. A flaw was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Maliciously crafted web content may violate the iframe sandboxing policy. The highest threat from this vulnerability is to data integrity.

Solution(s)

oracle-linux-upgrade-accountsservice
oracle-linux-upgrade-accountsservice-devel
oracle-linux-upgrade-accountsservice-libs
oracle-linux-upgrade-gdm
oracle-linux-upgrade-gnome-autoar
oracle-linux-upgrade-gnome-calculator
oracle-linux-upgrade-gnome-classic-session
oracle-linux-upgrade-gnome-control-center
oracle-linux-upgrade-gnome-control-center-filesystem
oracle-linux-upgrade-gnome-online-accounts
oracle-linux-upgrade-gnome-online-accounts-devel
oracle-linux-upgrade-gnome-session
oracle-linux-upgrade-gnome-session-kiosk-session
oracle-linux-upgrade-gnome-session-wayland-session
oracle-linux-upgrade-gnome-session-xsession
oracle-linux-upgrade-gnome-settings-daemon
oracle-linux-upgrade-gnome-shell
oracle-linux-upgrade-gnome-shell-extension-apps-menu
oracle-linux-upgrade-gnome-shell-extension-auto-move-windows
oracle-linux-upgrade-gnome-shell-extension-common
oracle-linux-upgrade-gnome-shell-extension-dash-to-dock
oracle-linux-upgrade-gnome-shell-extension-desktop-icons
oracle-linux-upgrade-gnome-shell-extension-disable-screenshield
oracle-linux-upgrade-gnome-shell-extension-drive-menu
oracle-linux-upgrade-gnome-shell-extension-gesture-inhibitor
oracle-linux-upgrade-gnome-shell-extension-horizontal-workspaces
oracle-linux-upgrade-gnome-shell-extension-launch-new-instance
oracle-linux-upgrade-gnome-shell-extension-native-window-placement
oracle-linux-upgrade-gnome-shell-extension-no-hot-corner
oracle-linux-upgrade-gnome-shell-extension-panel-favorites
oracle-linux-upgrade-gnome-shell-extension-places-menu
oracle-linux-upgrade-gnome-shell-extension-screenshot-window-sizer
oracle-linux-upgrade-gnome-shell-extension-systemmonitor
oracle-linux-upgrade-gnome-shell-extension-top-icons
oracle-linux-upgrade-gnome-shell-extension-updates-dialog
oracle-linux-upgrade-gnome-shell-extension-user-theme
oracle-linux-upgrade-gnome-shell-extension-window-grouper
oracle-linux-upgrade-gnome-shell-extension-window-list
oracle-linux-upgrade-gnome-shell-extension-windowsnavigator
oracle-linux-upgrade-gnome-shell-extension-workspace-indicator
oracle-linux-upgrade-gnome-software
oracle-linux-upgrade-gnome-software-devel
oracle-linux-upgrade-gsettings-desktop-schemas
oracle-linux-upgrade-gsettings-desktop-schemas-devel
oracle-linux-upgrade-gtk3
oracle-linux-upgrade-gtk3-devel
oracle-linux-upgrade-gtk3-immodule-xim
oracle-linux-upgrade-gtk-update-icon-cache
oracle-linux-upgrade-libraw
oracle-linux-upgrade-libraw-devel
oracle-linux-upgrade-mutter
oracle-linux-upgrade-mutter-devel
oracle-linux-upgrade-vino
oracle-linux-upgrade-webkit2gtk3
oracle-linux-upgrade-webkit2gtk3-devel
oracle-linux-upgrade-webkit2gtk3-jsc
oracle-linux-upgrade-webkit2gtk3-jsc-devel

References

https://attackerkb.com/topics/cve-2021-1801
CVE - 2021-1801
ELSA-2021-4381

Advanced vulnerability management analytics and reporting.

Key Features

Lightweight Endpoint Agent
Live Dashboards
Real Risk Prioritization
IT-Integrated Remediation Projects
Cloud, Virtual, and Container Assessment
Integrated Threat Feeds
Easy-to-Use RESTful API
Automation-Assisted Patching
Automated Containment

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2021-1801: ELSA-2021-4381: GNOME security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Oracle Linux: CVE-2021-1801: ELSA-2021-4381: GNOME security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Description

Solution(s)

References

Submit your information and we will get in touch with you.

Thank you for contacting us.

We will be in touch shortly.