UBUNTU-CVE-2016-4583
- Source
- https://ubuntu.com/security/CVE-2016-4583
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-4583.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2016-4583
- Upstream
- Related
- Published
- 2016-07-21T00:00:00Z
- Modified
- 2025-07-16T08:19:20.753753Z
- Severity
-
- 3.1 (Low) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.
- References
-
- https://ubuntu.com/security/CVE-2016-4583
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html
- https://support.apple.com/HT206900
- https://support.apple.com/HT206902
- https://support.apple.com/HT206905
- https://webkitgtk.org/security/WSA-2016-0005.html
- https://ubuntu.com/security/notices/USN-3079-1
- https://www.cve.org/CVERecord?id=CVE-2016-4583
Affected packages
Ubuntu:16.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.12.5-0ubuntu0.16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.12.5-0ubuntu0.16.04.1
Affected versions
2.*
2.8.5+dfsg1-3
2.10.3+dfsg1-1
2.10.4+dfsg1-1
2.10.5-1
2.10.6-1
2.10.6-1ubuntu1
2.10.8-1ubuntu1
2.10.9-1ubuntu1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-4.0",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.0",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-18",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-18-dbgsym",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin-dbgsym",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-dev",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37-dbgsym",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37-gtk2",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37-gtk2-dbgsym",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-dev",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-doc",
"binary_version": "2.12.5-0ubuntu0.16.04.1"
}
]
}
Ubuntu:Pro:16.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.5.1+dfsg-2ubuntu1?arch=source&distro=esm-infra/xenial
Ubuntu:Pro:16.04:LTS / qtwebkit-source
Package
- Name
- qtwebkit-source
- Purl
- pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=esm-apps/xenial