Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-13753

Опубликовано: 14 июл. 2020
Источник: nvd
CVSS3: 10
CVSS2: 7.5
EPSS Низкий

Описание

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
Версия до 2.28.3 (исключая)
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
Версия до 2.28.3 (исключая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
Конфигурация 5
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01219
Низкий

10 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2020-13753

CVSS3: 10
ubuntu
больше 5 лет назад

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.

redhat логотип

CVE-2020-13753

CVSS3: 10
redhat
больше 5 лет назад

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.

debian логотип

CVE-2020-13753

CVSS3: 10
debian
больше 5 лет назад

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, f ...

github логотип

GHSA-7vvx-4whv-jg73

CVSS3: 10
github
больше 3 лет назад

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.

suse-cvrf логотип

openSUSE-SU-2020:1064-1

suse-cvrf
больше 5 лет назад

Security update for webkit2gtk3

EPSS

Процентиль: 79%
0.01219
Низкий

10 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20