Alpine: webkit2gtk: security update to 2.22.7-r0

high Tenable Cloud Security Plugin ID 426683

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,
tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing
maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6227)

- Multiple memory corruption issues were addressed with improved memory handling. This issue affected
versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud
for Windows 7.9. (CVE-2018-4437)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing
maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6212)

- A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,
tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously
crafted web content may lead to arbitrary code execution. (CVE-2019-6215)

- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS
12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10.
Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6216)

See Also

https://security.alpinelinux.org/vuln/CVE-2018-4437

https://security.alpinelinux.org/vuln/CVE-2019-6212

https://security.alpinelinux.org/vuln/CVE-2019-6215

https://security.alpinelinux.org/vuln/CVE-2019-6216

https://security.alpinelinux.org/vuln/CVE-2019-6217

https://security.alpinelinux.org/vuln/CVE-2019-6227

https://security.alpinelinux.org/vuln/CVE-2019-6229

Plugin Details

Severity: High

ID: 426683

Version: Revision 1.2

Type: Local

Published: 5/16/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 97.35

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-6227

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/28/2018

Reference Information

CVE: CVE-2018-4437, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6227, CVE-2019-6229

BID: 106691, 106696, 106699