Vulnerabilities > CVE-2020-13558 - Use After Free vulnerability in Webkitgtk 2.30.1

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

webkitgtk

CWE-416

NVD

Published: 2021-03-03

Updated: 2022-07-30

Summary

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.

Vulnerable Configurations

Part	Description	Count
Application	Webkitgtk Webkitgtk Webkitgtk 2.30.1	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1172
https://security.gentoo.org/glsa/202104-03