Detections
Analytics
Alpine: webkit2gtk: security update to 2.26.3-r0
high Tenable Self-Hosted Container Security Plugin ID 427697
Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in
tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,
iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8835)
- Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in
tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3
for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary
code execution. (CVE-2019-8844)
- A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,
iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for
Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
(CVE-2019-8846)
See Also
https://security.alpinelinux.org/vuln/CVE-2019-8835
Plugin Details
Severity: High
ID: 427697
Version: Revision 1.1
Type: Local
Published: 5/16/2025
Updated: 5/16/2025
Supported Sensors: Agentless Assessment
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-8846
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 12/6/2019