{"affected":[{"ecosystem_specific":{"binaries":[{"libjavascriptcoregtk-4_0-18":"2.32.4-12.3","libjavascriptcoregtk-4_0-18-32bit":"2.32.4-12.3","libwebkit2gtk-4_0-37":"2.32.4-12.3","libwebkit2gtk-4_0-37-32bit":"2.32.4-12.3","libwebkit2gtk3-lang":"2.32.4-12.3","typelib-1_0-JavaScriptCore-4_0":"2.32.4-12.3","typelib-1_0-WebKit2-4_0":"2.32.4-12.3","typelib-1_0-WebKit2WebExtension-4_0":"2.32.4-12.3","webkit-jsc-4":"2.32.4-12.3","webkit2gtk-4_0-injected-bundles":"2.32.4-12.3","webkit2gtk3-devel":"2.32.4-12.3","webkit2gtk3-minibrowser":"2.32.4-12.3"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"webkit2gtk3","purl":"pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.32.4-12.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for webkit2gtk3 fixes the following issues:\n\n- Update to version 2.32.4\n- CVE-2021-30858: Fixed a security bug that could allow maliciously crafted web content to achieve arbitrary code execution. (bsc#1190701)\n- CVE-2021-21806: Fixed an exploitable use-after-free vulnerability via specially crafted HTML web page. (bsc#1188697)\n","id":"openSUSE-SU-2021:3353-1","modified":"2021-10-12T11:24:06Z","published":"2021-10-12T11:24:06Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4KJIY3NX4MIKAMIQIFUSKB4JVJBMJUFI/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188697"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21806"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-30858"}],"related":["CVE-2021-21806","CVE-2021-30858"],"summary":"Security update for webkit2gtk3","upstream":["CVE-2021-21806","CVE-2021-30858"]}