Bugzilla – Bug 1205123
VUL-0: CVE-2022-42799: webkitgtk: a issue was addressed with improved UI handling
Last modified: 2022-11-30 08:08:19 UTC
CVE-2022-42799 Versions affected: WebKitGTK and WPE WebKit before 2.38.2. Credit to Jihwan Kim (@gPayl0ad), Dohyun Lee. (@l33d0hyun). Impact: Visiting a malicious website may lead to user interface spoofing. Description: The issue was addressed with improved UI handling. References: https://bugzilla.redhat.com/show_bug.cgi?id=2140503 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42799 http://www.openwall.com/lists/oss-security/2022/11/04/4 https://www.cve.org/CVERecord?id=CVE-2022-42799 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213492 https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213495 https://support.apple.com/en-us/HT213491
SUSE-SU-2022:4207-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: openSUSE Leap 15.4 (src): webkit2gtk3-2.38.2-150400.4.22.1, webkit2gtk3-soup2-2.38.2-150400.4.22.1, webkit2gtk4-2.38.2-150400.4.22.1 SUSE Linux Enterprise Module for Development Tools 15-SP4 (src): webkit2gtk4-2.38.2-150400.4.22.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (src): webkit2gtk3-2.38.2-150400.4.22.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): webkit2gtk3-soup2-2.38.2-150400.4.22.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4285-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: openSUSE Leap 15.4 (src): webkit2gtk3-2.38.2-150200.54.2 openSUSE Leap 15.3 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Manager Server 4.1 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Manager Retail Branch Server 4.1 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Manager Proxy 4.1 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Server for SAP 15-SP2 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Server 15-SP2-LTSS (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Server 15-SP2-BCL (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Enterprise Storage 7 (src): webkit2gtk3-2.38.2-150200.54.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4283-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): webkit2gtk3-2.38.2-2.120.1 SUSE OpenStack Cloud 9 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP5 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): webkit2gtk3-2.38.2-2.120.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4284-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15-SP1 (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server for SAP 15 (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server 15-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Enterprise Storage 6 (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE CaaS Platform 4.0 (src): webkit2gtk3-2.38.2-150000.3.122.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.