WebKitGTK Vulnerability

WebKitGTK is a web rendering engine used by various Linux distributions and applications. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser.

You're affected if you use A flaw was found. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.

No public patch link found in the advisory. Contact the vendor directly for remediation guidance. As immediate mitigation: restrict network access to affected systems if possible.

• access.redhat.com
• access.redhat.com
• access.redhat.com
• access.redhat.com
• bugzilla.redhat.com