Actively Exploited WebKitGTK Code Execution Vuln Fixed
1 min read
Jul 13, 2023
A type confusion issue that may have been actively exploited has been identified in the WebKitGTK web engine (CVE-2023-32439). With a low attack complexity and a high confidentiality, integrity and availability impact, this vulnerability has received a National Vulnerability Database severity rating of High.
This flaw may lead to arbitrary code execution by processing maliciously crafted web content.
An important WebKitGTK security update that fixes this bug has been released. We urge all impacted users to apply the WebKitGTK updates issued by their distro(s) as soon as possible to protect the confidentiality, integrity and availability of their systems and their sensitive data.
To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).
Related Articles
1 - 0 min read
Ubuntu Tool Could Trick Users Into Installing Rogue Packages
1 - 0 min read
New GhostRace Attack Impacts Major CPU, Software Vendors
1 - 0 min read
Multiple Chromium DoS, Info Disclosure Vulns Fixed [Updated]
1 - 0 min read
Debian and Ubuntu Fix More OpenSSH Vulnerabilities
