{"id":"USN-2937-1","summary":"webkitgtk vulnerabilities","details":"A large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. If a user were tricked into viewing a malicious\nwebsite, a remote attacker could exploit a variety of issues related to web\nbrowser security, including cross-site scripting attacks, denial of service\nattacks, and arbitrary code execution.\n","modified":"2026-02-10T04:40:58Z","published":"2016-03-21T18:05:45Z","related":["UBUNTU-CVE-2014-1748","UBUNTU-CVE-2015-1071","UBUNTU-CVE-2015-1076","UBUNTU-CVE-2015-1081","UBUNTU-CVE-2015-1083","UBUNTU-CVE-2015-1120","UBUNTU-CVE-2015-1122","UBUNTU-CVE-2015-1127","UBUNTU-CVE-2015-1153","UBUNTU-CVE-2015-1155","UBUNTU-CVE-2015-3658","UBUNTU-CVE-2015-3659","UBUNTU-CVE-2015-3727","UBUNTU-CVE-2015-3731","UBUNTU-CVE-2015-3741","UBUNTU-CVE-2015-3743","UBUNTU-CVE-2015-3745","UBUNTU-CVE-2015-3747","UBUNTU-CVE-2015-3748","UBUNTU-CVE-2015-3749","UBUNTU-CVE-2015-3752","UBUNTU-CVE-2015-5788","UBUNTU-CVE-2015-5794","UBUNTU-CVE-2015-5801","UBUNTU-CVE-2015-5809","UBUNTU-CVE-2015-5822","UBUNTU-CVE-2015-5928"],"upstream":["CVE-2014-1748","CVE-2015-1071","CVE-2015-1076","CVE-2015-1081","CVE-2015-1083","CVE-2015-1120","CVE-2015-1122","CVE-2015-1127","CVE-2015-1153","CVE-2015-1155","CVE-2015-3658","CVE-2015-3659","CVE-2015-3727","CVE-2015-3731","CVE-2015-3741","CVE-2015-3743","CVE-2015-3745","CVE-2015-3747","CVE-2015-3748","CVE-2015-3749","CVE-2015-3752","CVE-2015-5788","CVE-2015-5794","CVE-2015-5801","CVE-2015-5809","CVE-2015-5822","CVE-2015-5928","UBUNTU-CVE-2014-1748","UBUNTU-CVE-2015-1071","UBUNTU-CVE-2015-1076","UBUNTU-CVE-2015-1081","UBUNTU-CVE-2015-1083","UBUNTU-CVE-2015-1120","UBUNTU-CVE-2015-1122","UBUNTU-CVE-2015-1127","UBUNTU-CVE-2015-1153","UBUNTU-CVE-2015-1155","UBUNTU-CVE-2015-3658","UBUNTU-CVE-2015-3659","UBUNTU-CVE-2015-3727","UBUNTU-CVE-2015-3731","UBUNTU-CVE-2015-3741","UBUNTU-CVE-2015-3743","UBUNTU-CVE-2015-3745","UBUNTU-CVE-2015-3747","UBUNTU-CVE-2015-3748","UBUNTU-CVE-2015-3749","UBUNTU-CVE-2015-3752","UBUNTU-CVE-2015-5788","UBUNTU-CVE-2015-5794","UBUNTU-CVE-2015-5801","UBUNTU-CVE-2015-5809","UBUNTU-CVE-2015-5822","UBUNTU-CVE-2015-5928"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2937-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-1748"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1071"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1076"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1081"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1083"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1120"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1122"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1127"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1153"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1155"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3658"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3659"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3727"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3731"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3741"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3743"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3745"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3747"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3748"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3749"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-3752"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5788"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5794"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5801"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5809"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5822"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5928"}],"affected":[{"package":{"name":"webkitgtk","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/webkitgtk@2.4.10-0ubuntu0.14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.10-0ubuntu0.14.04.1"}]}],"versions":["2.2.1-2ubuntu2","2.3.2-1ubuntu2","2.3.2-1ubuntu3","2.3.2-1ubuntu4","2.3.2-1ubuntu5","2.3.2-1ubuntu6","2.3.4-1ubuntu2","2.3.90-1ubuntu1","2.3.91-0ubuntu1","2.4.0-1ubuntu2","2.4.2-1ubuntu0.1","2.4.3-1ubuntu2","2.4.4-1~ubuntu1","2.4.7-1~ubuntu1","2.4.8-1ubuntu1~ubuntu14.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"gir1.2-javascriptcoregtk-1.0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"gir1.2-javascriptcoregtk-3.0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"gir1.2-webkit-1.0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"gir1.2-webkit-3.0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"gir1.2-webkit2-3.0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libjavascriptcoregtk-1.0-0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libjavascriptcoregtk-1.0-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libjavascriptcoregtk-3.0-0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libjavascriptcoregtk-3.0-bin","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libjavascriptcoregtk-3.0-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkit-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkit2gtk-3.0-25","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkit2gtk-3.0-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-1.0-0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-1.0-common","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-3.0-0","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-3.0-common","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-3.0-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-common-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"},{"binary_name":"libwebkitgtk-dev","binary_version":"2.4.10-0ubuntu0.14.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2937-1.json","cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[{"id":"CVE-2015-1071","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1076","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1081","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1083","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1120","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1122","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1127","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1153","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-1155","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3658","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3659","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3727","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3731","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3741","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3743","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3745","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3747","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3748","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3749","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-3752","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5788","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5794","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5801","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5809","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5822","severity":[{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2015-5928","severity":[{"type":"Ubuntu","score":"medium"}]}]}}}],"schema_version":"1.7.3"}