CVE-2017-7161
Published: 31 December 2017
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code via special characters that trigger command injection.
Priority
Medium
CVSS 3 base score: 8.8
Status
| Package | Release | Status |
|---|---|---|
|
qtwebkit Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Does not exist
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
qtwebkit-opensource-src Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Needs triage
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Needs triage
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Needs triage
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was needs-triage)
|
|
|
qtwebkit-source Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Does not exist
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Ignored
(end of standard support, was needs-triage)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was needs-triage)
|
|
|
webkit2gtk Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.18.6)
|
| Ubuntu 21.10 (Impish Indri) |
Not vulnerable
(2.18.6-1)
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
(2.18.6-1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Not vulnerable
(2.18.6-1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Not vulnerable
(2.18.6-1)
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Released
(2.18.6-0ubuntu0.16.04.1)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
webkitgtk Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Does not exist
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Ignored
(end of standard support, was needs-triage)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was needs-triage)
|
Notes
| Author | Note |
|---|---|
| jdstrand | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8 |