CVE-2019-8720
WebKitGTK Memory Corruption Vulnerability
8.8
HIGH
CVSS 3.1
⚠ KEVEPSS 4.1%
Description
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
How to fix CVE-2019-8720
To remediate CVE-2019-8720, upgrade the affected package to a fixed version below.
- —upgrade to 2.26.0-1 or later
Is CVE-2019-8720 being exploited?
Yes — CVE-2019-8720 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (1)
- from 0, < 2.26.0-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |