Test ID:	1.3.6.1.4.1.25623.1.1.18.2.2024.1944.1
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2024:1944-1)
Summary:	The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2024:1944-1 advisory.
Description:	Summary: The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2024:1944-1 advisory. Vulnerability Insight: This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 (bsc#1225071): - CVE-2024-23252: Fixed a vulnerability where processed web content may lead to a denial-of-service. (bsc#1222010) - CVE-2024-23254: Fixed a vulnerability where a malicious website may exfiltrate audio data cross-origin. (bsc#1222010) - CVE-2024-23263: Fixed a vulnerability where processed maliciously crafted web content may prevent Content Security Policy from being enforced. (bsc#1222010) - CVE-2024-23280: Fixed a vulnerability where a maliciously crafted webpage may be able to fingerprint the user. (bsc#1222010) - CVE-2024-23284: Fixed a vulnerability where processed maliciously crafted web content may prevent Content Security Policy from being enforced. (bsc#1222010) - CVE-2023-42950: Fixed a vulnerability where processed maliciously crafted web content may lead to arbitrary code execution. (bsc#1222010) - CVE-2023-42956: Fixed a vulnerability where processed web content may lead to a denial-of-service. (bsc#1222010) - CVE-2023-42843: Fixed a vulnerability where visiting a malicious website may lead to address bar spoofing. (bsc#1222010) - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. (bsc#1225071) Affected Software/OS: 'webkit2gtk3' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-42843 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ https://support.apple.com/en-us/HT213981 https://support.apple.com/en-us/HT213982 https://support.apple.com/en-us/HT213984 https://support.apple.com/en-us/HT213986 http://www.openwall.com/lists/oss-security/2024/03/26/1 Common Vulnerability Exposure (CVE) ID: CVE-2023-42950 https://support.apple.com/en-us/HT214035 https://support.apple.com/en-us/HT214036 https://support.apple.com/en-us/HT214039 https://support.apple.com/en-us/HT214040 https://support.apple.com/en-us/HT214041 Common Vulnerability Exposure (CVE) ID: CVE-2023-42956 Common Vulnerability Exposure (CVE) ID: CVE-2024-23252 Common Vulnerability Exposure (CVE) ID: CVE-2024-23254 http://seclists.org/fulldisclosure/2024/Mar/20 http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 http://seclists.org/fulldisclosure/2024/Mar/26 https://support.apple.com/en-us/HT214081 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214086 https://support.apple.com/en-us/HT214087 https://support.apple.com/en-us/HT214088 https://support.apple.com/en-us/HT214089 Common Vulnerability Exposure (CVE) ID: CVE-2024-23263 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ https://support.apple.com/en-us/HT214082 Common Vulnerability Exposure (CVE) ID: CVE-2024-23280 Common Vulnerability Exposure (CVE) ID: CVE-2024-23284 Common Vulnerability Exposure (CVE) ID: CVE-2024-27834 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/ http://seclists.org/fulldisclosure/2024/May/9 http://seclists.org/fulldisclosure/2024/May/10 http://seclists.org/fulldisclosure/2024/May/12 http://seclists.org/fulldisclosure/2024/May/16 http://seclists.org/fulldisclosure/2024/May/17 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214103 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 http://www.openwall.com/lists/oss-security/2024/05/21/1
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.