← Volver a CVEs
CVE-2019-8720
HIGHCISA KEV8.8
Descripcion
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
Detalles CVE
Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado3/6/2023
Ultima modificacion11/18/2025
Fuentekev
Avistamientos honeypot0
CISA KEV
VendedorWebKitGTK
ProductoWebKitGTK
Nombre vulnerabilidadWebKitGTK Memory Corruption Vulnerability
Fecha inclusion KEV2022-05-23
Fecha limite remediacion2022-06-13
Uso en ransomwareUnknown
Productos afectados
redhat:codeready_linux_builderredhat:codeready_linux_builder_eusredhat:codeready_linux_builder_for_arm64_eusredhat:codeready_linux_builder_for_ibm_z_systems_eusredhat:codeready_linux_builder_for_power_little_endian_eusredhat:enterprise_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_for_arm64_eusredhat:enterprise_linux_for_ibm_z_systemsredhat:enterprise_linux_for_ibm_z_systems_eusredhat:enterprise_linux_for_power_big_endianredhat:enterprise_linux_for_power_little_endianredhat:enterprise_linux_for_power_little_endian_eusredhat:enterprise_linux_for_scientific_computingredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat:enterprise_linux_server_tusredhat:enterprise_linux_server_update_services_for_sap_solutionsredhat:enterprise_linux_workstationwebkitgtk:webkitgtkwpewebkit:wpe_webkit
Debilidades (CWE)
CWE-119CWE-119CWE-119
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=1876611(secalert@redhat.com)
https://webkitgtk.org/security/WSA-2019-0005.html(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1876611(af854a3a-2127-422b-91ae-364da2661108)
https://webkitgtk.org/security/WSA-2019-0005.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-8720(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.