UBUNTU-CVE-2019-7292
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2019-7292
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-7292.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-7292
- Related
- Published
- 2019-12-18T18:15:00Z
- Modified
- 2019-12-18T18:15:00Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
Ubuntu:Pro:16.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.8.5+dfsg1-3
2.10.3+dfsg1-1
2.10.4+dfsg1-1
2.10.5-1
2.10.6-1
2.10.6-1ubuntu1
2.10.8-1ubuntu1
2.10.9-1ubuntu1
2.12.5-0ubuntu0.16.04.1
2.14.2-0ubuntu0.16.04.1
2.14.3-0ubuntu0.16.04.1
2.14.5-0ubuntu0.16.04.1
2.16.1-0ubuntu0.16.04.1
2.16.1-0ubuntu0.16.04.2
2.16.2-0ubuntu0.16.04.1
2.16.3-0ubuntu0.16.04.1
2.16.6-0ubuntu0.16.04.1
2.18.0-0ubuntu0.16.04.2
2.18.3-0ubuntu0.16.04.1
2.18.4-0ubuntu0.16.04.1
2.18.5-0ubuntu0.16.04.1
2.18.6-0ubuntu0.16.04.1
2.20.1-0ubuntu0.16.04.1
2.20.2-0ubuntu0.16.04.1
2.20.3-0ubuntu0.16.04.1
2.20.5-0ubuntu0.16.04.1
Ubuntu:Pro:16.04:LTS / qtwebkit-source
Package
- Name
- qtwebkit-source
Ubuntu:Pro:16.04:LTS / webkitgtk
Package
- Name
- webkitgtk
Ubuntu:18.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.22.6-0ubuntu0.18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.22.6-0ubuntu0.18.04.1
Affected versions
2.*
2.18.0-2
2.18.0-2build1
2.18.2-1
2.18.3-1
2.18.4-1
2.18.6-1
2.19.91-1ubuntu1
2.19.92-1
2.20.0-1
2.20.0-2
2.20.0-2ubuntu1
2.20.1-1
2.20.2-0ubuntu0.18.04.1
2.20.3-0ubuntu0.18.04.1
2.20.5-0ubuntu0.18.04.1
2.22.2-0ubuntu0.18.04.1
2.22.2-0ubuntu0.18.04.2
2.22.4-0ubuntu0.18.04.1
2.22.5-0ubuntu0.18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"libwebkit2gtk-4.0-37-gtk2-dbgsym": "2.22.6-0ubuntu0.18.04.1",
"libjavascriptcoregtk-4.0-18-dbgsym": "2.22.6-0ubuntu0.18.04.1",
"gir1.2-javascriptcoregtk-4.0": "2.22.6-0ubuntu0.18.04.1",
"libwebkit2gtk-4.0-37-dbgsym": "2.22.6-0ubuntu0.18.04.1",
"libjavascriptcoregtk-4.0-18": "2.22.6-0ubuntu0.18.04.1",
"libjavascriptcoregtk-4.0-bin-dbgsym": "2.22.6-0ubuntu0.18.04.1",
"libwebkit2gtk-4.0-doc": "2.22.6-0ubuntu0.18.04.1",
"libjavascriptcoregtk-4.0-bin": "2.22.6-0ubuntu0.18.04.1",
"webkit2gtk-driver": "2.22.6-0ubuntu0.18.04.1",
"gir1.2-webkit2-4.0": "2.22.6-0ubuntu0.18.04.1",
"libwebkit2gtk-4.0-dev": "2.22.6-0ubuntu0.18.04.1",
"webkit2gtk-driver-dbgsym": "2.22.6-0ubuntu0.18.04.1",
"libjavascriptcoregtk-4.0-dev": "2.22.6-0ubuntu0.18.04.1",
"libwebkit2gtk-4.0-37-gtk2": "2.22.6-0ubuntu0.18.04.1",
"libwebkit2gtk-4.0-37": "2.22.6-0ubuntu0.18.04.1"
}
]
}
Ubuntu:Pro:18.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS / qtwebkit-source
Package
- Name
- qtwebkit-source
Ubuntu:Pro:18.04:LTS / webkitgtk
Package
- Name
- webkitgtk
Ubuntu:20.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected