=====================================================================

                              CERT-Renater

                   Note d'Information No. 2023/VULN076

_____________________________________________________________________

DATE                : 15/02/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running WebKitGTK, WPE WebKit versions 
                                   prior to 2.38.5.

=====================================================================
https://webkitgtk.org/security/WSA-2023-0002.html
https://wpewebkit.org/security/WSA-2023-0002.html
_____________________________________________________________________

-------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory            WSA-2023-0002
-------------------------------------------------------------------

Date reported           : February 15, 2023
Advisory ID             : WSA-2023-0002
WebKitGTK Advisory URL  : https://webkitgtk.org/security/WSA-2023-0002.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2023-0002.html
CVE identifiers         : CVE-2023-23529.

Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.

CVE-2023-23529
     Versions affected: WebKitGTK and WPE WebKit before 2.38.5.
     Credit to an anonymous researcher.
     Impact: Processing maliciously crafted web content may lead to
     arbitrary code execution. Apple is aware of a report that this 
  issue may have been actively exploited. Description: A type 
confusion issue was addressed with improved checks.


We recommend updating to the latest stable versions of WebKitGTK and WPE 
WebKit. It is the best way to ensure that you are running safe versions 
of WebKit. Please check our websites for information about the latest 
stable releases.

Further information about WebKitGTK and WPE WebKit security advisories 
can be found at: https://webkitgtk.org/security.html or 
https://wpewebkit.org/security/.


The WebKitGTK and WPE WebKit team,


February 15, 2023

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================