QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-2203

Back to search

CVE-2023-2203

Published: May 17, 2023

Modified: Jan 22, 2025

PUBLISHED

Description

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

VendorProductVersions

n/a

WebKitGTK

affected
Affects webkit2gtk3 v2.38.5-1.el8 and webkit2gtk3 v2.38.5-1.el9, Fixed in webkit2gtk3 v2.38.5-1.el8_8.3 and webkit2gtk3 v2.38.5-1.el9_2.1

Weaknesses (CWE)

CWE-416

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now