Alpine: webkit2gtk: security update to 2.34.3-r0

medium Tenable Cloud Security Plugin ID 407583

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS
15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy. (CVE-2021-30887)

- A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,
iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to
universal cross site scripting. (CVE-2021-30890)

See Also

https://security.alpinelinux.org/vuln/CVE-2021-30887

https://security.alpinelinux.org/vuln/CVE-2021-30890

Plugin Details

Severity: Medium

ID: 407583

Version: Revision 1.39

Type: Local

Published: 10/31/2023

Updated: 11/11/2025

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.18

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2021-30890

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2021-30887

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/24/2021

Reference Information

CVE: CVE-2021-30887, CVE-2021-30890