Описание
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
Отчет
This flaw is rated as 'Moderate' as the WebKitGTK package is shipped as a dependency for the Gnome package. Red Hat Enterprise Linux does not ship any WebKitGTK-based web browser where this flaw would present a higher severity major threat.
Меры по смягчению последствий
Red Hat has investigated whether possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | webkitgtk | Will not fix | ||
| Red Hat Enterprise Linux 7 | webkitgtk3 | Will not fix | ||
| Red Hat Enterprise Linux 7 | webkitgtk4 | Fixed | RHSA-2020:4035 | 29.09.2020 |
| Red Hat Enterprise Linux 8 | webkit2gtk3 | Fixed | RHSA-2020:4451 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
A vulnerability was found in WebKit. The flaw is triggered when proces ...
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
EPSS
8.8 High
CVSS3