7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.005 Low
EPSS
Percentile
74.6%
xisigr of Tencent’s Xuanwu Lab discovered a vulnerability in the way
webkit handles URLs, which allows remote attackers to bypass the Same
Origin Policy via a crafted web site.
ma.la of LINE Corporation discoveered a vulnerability in the way webkit
handles the location variable, which allows remote attackers to access
the local filesystem via unspecified vectors.
Samuel Gross working with Trend Micro’s Zero Day Initiative discovered a
vulnerability that allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web site.
Apple found a vulnerability that allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption) via a
crafted web site.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | webkit2gtk | < 2.12.4-1 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.005 Low
EPSS
Percentile
74.6%