Multiple vulnerabilities in WebKitGTK and WPE WebKit
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2021-30818 CVE-2021-30823 CVE-2021-30884 CVE-2021-30888 CVE-2021-30889 CVE-2021-30897 |
| CWE-ID | CWE-843 CWE-300 CWE-200 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
WebKitGTK+ Server applications / Frameworks for developing and running applications WPE WebKit Server applications / Frameworks for developing and running applications |
| Vendor | WebKitGTK |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Type Confusion
EUVDB-ID: #VU58697
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-30818
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebKitGTK+: 2.33.1 - 2.33.90
WPE WebKit: 2.33.1 - 2.33.2
CPE2.3- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.2:*:*:*:*:*:*:*
http://webkitgtk.org/security/WSA-2021-0007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Man-in-the-Middle (MitM) attack
EUVDB-ID: #VU57739
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-30823
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists in WebKit. A remote attacker can bypass HSTS and perform MitM attack.
Install update from vendor's website.
Vulnerable software versionsWebKitGTK+: 2.33.1 - 2.33.90
WPE WebKit: 2.33.1 - 2.33.2
CPE2.3- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.2:*:*:*:*:*:*:*
http://webkitgtk.org/security/WSA-2021-0007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU58696
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-30884
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists in the WebKit component when processing CSS files. A remote attacker can trick the victim to open a specially crafted website and obtain user's browsing history.
Install update from vendor's website.
Vulnerable software versionsWebKitGTK+: 2.33.1 - 2.33.90
WPE WebKit: 2.33.1 - 2.33.2
CPE2.3- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.2:*:*:*:*:*:*:*
http://webkitgtk.org/security/WSA-2021-0007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU57741
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-30888
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists in WebKit. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior.
Install update from vendor's website.
Vulnerable software versionsWebKitGTK+: 2.33.1 - 2.33.90
WPE WebKit: 2.33.1 - 2.33.2
CPE2.3- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.2:*:*:*:*:*:*:*
http://webkitgtk.org/security/WSA-2021-0007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU57742
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-30889
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebKitGTK+: 2.33.1 - 2.33.90
WPE WebKit: 2.33.1 - 2.33.2
CPE2.3- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.2:*:*:*:*:*:*:*
http://webkitgtk.org/security/WSA-2021-0007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU58677
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-30897
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists in the WebKit specification for the resource timing API. A remote attacker can exfiltrate cross-origin data, if the victim visits a specially crafted website.
Install update from vendor's website.
Vulnerable software versionsWebKitGTK+: 2.33.1 - 2.33.90
WPE WebKit: 2.33.1 - 2.33.2
CPE2.3- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk_plus:2.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.1:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:wpe_webkit:2.33.2:*:*:*:*:*:*:*
http://webkitgtk.org/security/WSA-2021-0007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
