Oval Definition:	oval:com.ubuntu.cosmic:def:201983750000000
Revision Date: 2019-02-24 Version: 1 Title: CVE-2019-8375 on Ubuntu 18.10 (cosmic) - medium. Description: The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany). Family: unix Class: vulnerability Status: Reference(s): CVE-2019-8375 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND Package Information qtwebkit-opensource-src: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR qtwebkit-source: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR webkit2gtk package in cosmic was vulnerable but has been fixed (note: '2.24.1-0ubuntu0.18.10.2'). OR webkitgtk: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').
BACK