vulnerability
SUSE: CVE-2021-21806: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jul 8, 2021 | Oct 6, 2021 | Oct 26, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jul 8, 2021
Added
Oct 6, 2021
Modified
Oct 26, 2022
Description
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
Solutions
suse-upgrade-libjavascriptcoregtk-4_0-18suse-upgrade-libjavascriptcoregtk-4_0-18-32bitsuse-upgrade-libjavascriptcoregtk-4_1-0suse-upgrade-libjavascriptcoregtk-5_0-0suse-upgrade-libwebkit2gtk-4_0-37suse-upgrade-libwebkit2gtk-4_0-37-32bitsuse-upgrade-libwebkit2gtk-4_1-0suse-upgrade-libwebkit2gtk-5_0-0suse-upgrade-libwebkit2gtk3-langsuse-upgrade-typelib-1_0-javascriptcore-4_0suse-upgrade-typelib-1_0-javascriptcore-4_1suse-upgrade-typelib-1_0-javascriptcore-5_0suse-upgrade-typelib-1_0-webkit2-4_0suse-upgrade-typelib-1_0-webkit2-4_1suse-upgrade-typelib-1_0-webkit2-5_0suse-upgrade-typelib-1_0-webkit2webextension-4_0suse-upgrade-typelib-1_0-webkit2webextension-4_1suse-upgrade-webkit-jsc-4suse-upgrade-webkit2gtk-4-1-langsuse-upgrade-webkit2gtk-4_0-injected-bundlessuse-upgrade-webkit2gtk-4_1-injected-bundlessuse-upgrade-webkit2gtk-5-0-langsuse-upgrade-webkit2gtk-5_0-injected-bundlessuse-upgrade-webkit2gtk3-develsuse-upgrade-webkit2gtk3-minibrowsersuse-upgrade-webkit2gtk3-soup2-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.