Test ID:	1.3.6.1.4.1.25623.1.0.833654
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2024:0004-1)
Summary:	The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2024:0004-1 advisory.
Description:	Summary: The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2024:0004-1 advisory. Vulnerability Insight: This update for webkit2gtk3 fixes the following issues: - CVE-2023-42890: Fixed processing malicious web content may lead to arbitrary code execution (bsc#1218033). - CVE-2023-42883: Fixed processing a malicious image may lead to a denial-of-service (bsc#1218032). - CVE-2023-41074: Fixed use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (bsc#1215870). - CVE-2023-40451, CVE-2023-41074: Update to version 2.42.4 (bsc#1218032, bsc#1215868). Affected Software/OS: 'webkit2gtk3' package(s) on openSUSE Leap 15.4, openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-32359 http://seclists.org/fulldisclosure/2023/Oct/23 https://security.gentoo.org/glsa/202401-33 https://support.apple.com/en-us/HT213981 http://www.openwall.com/lists/oss-security/2023/11/15/1 Common Vulnerability Exposure (CVE) ID: CVE-2023-39928 Debian Security Information: DSA-5527 (Google Search) https://www.debian.org/security/2023/dsa-5527 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/ https://talosintelligence.com/vulnerability_reports/TALOS-2023-1831 https://webkitgtk.org/security/WSA-2023-0009.html Common Vulnerability Exposure (CVE) ID: CVE-2023-40451 http://seclists.org/fulldisclosure/2023/Oct/2 https://support.apple.com/en-us/HT213941 http://www.openwall.com/lists/oss-security/2023/09/28/3 Common Vulnerability Exposure (CVE) ID: CVE-2023-41074 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 http://seclists.org/fulldisclosure/2023/Oct/10 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 Common Vulnerability Exposure (CVE) ID: CVE-2023-42883 Debian Security Information: DSA-5580 (Google Search) https://www.debian.org/security/2023/dsa-5580 http://seclists.org/fulldisclosure/2023/Dec/6 http://seclists.org/fulldisclosure/2023/Dec/7 http://seclists.org/fulldisclosure/2023/Dec/8 http://seclists.org/fulldisclosure/2023/Dec/9 http://seclists.org/fulldisclosure/2023/Dec/12 http://seclists.org/fulldisclosure/2023/Dec/13 https://support.apple.com/en-us/HT214034 https://support.apple.com/en-us/HT214035 https://support.apple.com/en-us/HT214036 https://support.apple.com/en-us/HT214039 https://support.apple.com/en-us/HT214040 https://support.apple.com/en-us/HT214041 http://www.openwall.com/lists/oss-security/2023/12/18/1 Common Vulnerability Exposure (CVE) ID: CVE-2023-42890
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.