Описание
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.
Ссылки
- Mailing ListThird Party Advisory
- Permissions RequiredVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Permissions RequiredVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the ...
accessibility/AXObjectCache.cpp in WebKit, as used in WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4, allows a denial of service (application crash) because maintenance of the m_deferredFocusedNodeChange data structure mishandles removal.
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2