Wpe Webkit Security Vulnerabilities and Issues — Wpe Webkit CVE List

Lucene search

WpewebkitWpe Webkit

3 matches found

CVE•added 2020/04/17 1:15 p.m.•305 views

CVE-2020-11793

A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).

8.8CVSS9AI score0.00498EPSS

CVE•added 2020/03/02 11:15 p.m.•277 views

CVE-2020-10018

WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.

9.8CVSS9.6AI score0.02767EPSS

CVE•added 2020/07/14 2:15 p.m.•200 views

CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

10CVSS8.1AI score0.09066EPSS