Multiple security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the user interface, or execute arbitrary code. (CVE-2018-4088, CVE-2018-4096, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2017-13884, CVE-2017-13885)
{ "availability": "No subscription required", "binaries": [ { "binary_name": "gir1.2-javascriptcoregtk-4.0", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "gir1.2-webkit2-4.0", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "libjavascriptcoregtk-4.0-18", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "libjavascriptcoregtk-4.0-bin", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "libjavascriptcoregtk-4.0-dev", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "libwebkit2gtk-4.0-37", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "libwebkit2gtk-4.0-37-gtk2", "binary_version": "2.18.6-0ubuntu0.16.04.1" }, { "binary_name": "libwebkit2gtk-4.0-dev", "binary_version": "2.18.6-0ubuntu0.16.04.1" } ] }
{ "cves": [ { "id": "CVE-2017-7153", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-7160", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-7161", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-7165", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-13884", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-13885", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-4088", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-4096", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] } ], "ecosystem": "Ubuntu:16.04:LTS" }