Chijin

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 **Description** A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags allows attackers to execute code remotely. This issue is related to the rendering of web pages and can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. As a temporary workaround, consider disabling the `updateDescendantDependentFlags` function in WebCore::RenderLayer until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the `WebCore::RenderLayer::setNextSibling` function of the WebKitGTK and WPE WebKit rendering modules is related to the use of memory after it has been freed. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the `WebCore::RenderLayer::repaintBlockSelectionGaps` function of the WebKitGTK and WPE WebKit rendering modules allows attackers to execute code remotely. This issue is related to the use of memory after it has been freed. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the `WebCore::RenderLayer::addChild` function of WebKitGTK and WPE WebKit is related to the use of memory after it has been freed. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `WebCore::RenderLayer::addChild` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to 2.36.8 WPE WebKit (affected versions not specified) **Description** A use-after-free vulnerability in the WebCore::RenderLayer::renderer function of the WebKitGTK and WPE WebKit rendering modules allows attackers to execute code remotely. This issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For WebKitGTK versions prior to 2.36.8, update to version 2.36.8 or later to resolve the issue. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.