Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2022:4641-1

SUSE-SU-2022:4641-1

UNKNOWN

Security update for webkit2gtk3

Published Dec 30, 2022

Modified 3 years ago

Fix available

Details

This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.3:

CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content (bsc#1206474).
CVE-2022-42852: Fixed disclosure of process memory by improved memory handling.
CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management.
CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management.
CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks.
CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption.
CVE-2022-46700: Fixed an arbitrary code execution caused by memory corruption.

Affected Packages

libjavascriptcoregtk-4_0-18

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

libwebkit2gtk-4_0-37

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

libwebkit2gtk3-lang

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

typelib-1_0-JavaScriptCore-4_0

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

typelib-1_0-WebKit2-4_0

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

typelib-1_0-WebKit2WebExtension-4_0

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

webkit2gtk-4_0-injected-bundles

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

webkit2gtk3

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

webkit2gtk3-devel

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

2.38.3-150200.57.1

References

https://bugzilla.suse.com/1206474

https://bugzilla.suse.com/1206750

https://www.suse.com/security/cve/CVE-2022-42852

https://www.suse.com/security/cve/CVE-2022-42856

https://www.suse.com/security/cve/CVE-2022-42863

https://www.suse.com/security/cve/CVE-2022-42867

https://www.suse.com/security/cve/CVE-2022-46691

https://www.suse.com/security/cve/CVE-2022-46692

https://www.suse.com/security/cve/CVE-2022-46698

https://www.suse.com/security/cve/CVE-2022-46699

https://www.suse.com/security/cve/CVE-2022-46700

https://www.suse.com/support/update/announcement/2022/suse-su-20224641-1/

Upstream

CVE-2022-42852 CVE-2022-42856 CVE-2022-42863 CVE-2022-42867 CVE-2022-46691 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700

Related

CVE-2022-42852 CVE-2022-42856 CVE-2022-42863 CVE-2022-42867 CVE-2022-46691 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700

Ecosystems(17)

SUSE Enterprise Storage 7 SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Timeline

PublishedDec 30, 2022

ModifiedDec 30, 2022

SUSE-SU-2022:4641-1 | Mondoo Vulnerability Intelligence