← Voltar para CVEs
CVE-2019-8720
HIGHCISA KEV8.8
Descricao
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado3/6/2023
Ultima modificacao11/18/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorWebKitGTK
ProdutoWebKitGTK
Nome da vulnerabilidadeWebKitGTK Memory Corruption Vulnerability
Data inclusao KEV2022-05-23
Prazo de remediacao2022-06-13
Uso em ransomwareUnknown
Produtos afetados
redhat:codeready_linux_builderredhat:codeready_linux_builder_eusredhat:codeready_linux_builder_for_arm64_eusredhat:codeready_linux_builder_for_ibm_z_systems_eusredhat:codeready_linux_builder_for_power_little_endian_eusredhat:enterprise_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_for_arm64_eusredhat:enterprise_linux_for_ibm_z_systemsredhat:enterprise_linux_for_ibm_z_systems_eusredhat:enterprise_linux_for_power_big_endianredhat:enterprise_linux_for_power_little_endianredhat:enterprise_linux_for_power_little_endian_eusredhat:enterprise_linux_for_scientific_computingredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat:enterprise_linux_server_tusredhat:enterprise_linux_server_update_services_for_sap_solutionsredhat:enterprise_linux_workstationwebkitgtk:webkitgtkwpewebkit:wpe_webkit
Fraquezas (CWE)
CWE-119CWE-119CWE-119
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=1876611(secalert@redhat.com)
https://webkitgtk.org/security/WSA-2019-0005.html(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1876611(af854a3a-2127-422b-91ae-364da2661108)
https://webkitgtk.org/security/WSA-2019-0005.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-8720(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.