{"id":"MGASA-2019-0324","summary":"Updated webkit2 packages fix security vulnerabilities","details":"Updated webkit2 packages fix security vulnerabilities:\n\nProcessing maliciously crafted web content may lead to universal cross\nsite scripting (CVE-2019-8625, CVE-2019-8674, CVE-2019-8719, CVE-2019-8813)\n\nProcessing maliciously crafted web content may lead to arbitrary code\nexecution (CVE-2019-8707, CVE-2019-8710, CVE-2019-8720, CVE-2019-8726,\nCVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764,\nCVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808,\nCVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,\nCVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\nA user may be unable to delete browsing history items (CVE-2019-8768)\n\nVisiting a maliciously crafted website may reveal browsing history\n(CVE-2019-8769)\n\nMaliciously crafted web content may violate iframe sandboxing policy\n(CVE-2019-8771)\n","modified":"2026-04-16T04:40:49.684597565Z","published":"2019-11-14T16:58:51Z","upstream":["CVE-2019-8625","CVE-2019-8674","CVE-2019-8707","CVE-2019-8710","CVE-2019-8719","CVE-2019-8720","CVE-2019-8726","CVE-2019-8733","CVE-2019-8735","CVE-2019-8743","CVE-2019-8763","CVE-2019-8764","CVE-2019-8765","CVE-2019-8766","CVE-2019-8768","CVE-2019-8769","CVE-2019-8771","CVE-2019-8782","CVE-2019-8783","CVE-2019-8808","CVE-2019-8811","CVE-2019-8812","CVE-2019-8813","CVE-2019-8814","CVE-2019-8815","CVE-2019-8816","CVE-2019-8819","CVE-2019-8820","CVE-2019-8821","CVE-2019-8822","CVE-2019-8823"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0324.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25657"},{"type":"WEB","url":"https://webkitgtk.org/2019/09/09/webkitgtk2.26.0-released.html"},{"type":"WEB","url":"https://webkitgtk.org/2019/09/23/webkitgtk2.26.1-released.html"},{"type":"WEB","url":"https://webkitgtk.org/2019/11/06/webkitgtk2.26.2-released.html"},{"type":"WEB","url":"https://webkitgtk.org/security/WSA-2019-0005.html"},{"type":"WEB","url":"https://webkitgtk.org/security/WSA-2019-0006.html"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2019/10/29/2"}],"affected":[{"package":{"name":"webkit2","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/webkit2?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.26.2-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0324.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}