Free Trial

WebKitGTK and WPE WebKit Security Advisory WSA-2020-0004

[vc_row][vc_column][vc_column_text]

Overview :
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).

CVE-2020-11793

WebKitGTK and WPE WebKit Security Advisory WSA-2020-0004

  • Date Reported: April 16, 2020
  • Advisory ID: WSA-2020-0004
  • CVE identifiers: CVE-2020-11793.

Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.

  • CVE-2020-11793
    • Versions affected: WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1.
    • Credit to Cim Stordal of Cognite.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution or application crash (denial of service). Description: A memory corruption issue (use-after-free) was addressed with improved memory handling.

We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases.

Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/.

 

 

WebKitGTK and WPE WebKit Security Advisory WSA-2020-0004

  • Date Reported: April 16, 2020
  • Advisory ID: WSA-2020-0004
  • CVE identifiers: CVE-2020-11793.

Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.

  • CVE-2020-11793
    • Versions affected: WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1.
    • Credit to Cim Stordal of Cognite.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution or application crash (denial of service). Description: A memory corruption issue (use-after-free) was addressed with improved memory handling.

We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases.

Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/.[/vc_column_text][/vc_column][/vc_row]

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running

Learn more
CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL

CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL

Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running

Learn more
CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD

CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD

Description A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of

Learn more