Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-13543

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.

Related bugs and status

CVE-2020-13543 (Candidate) is related to these bugs:

Bug #1970779: Upgrade to 2.36.7 for Focal and Jammy

		In	Importance	Status
1970779	Upgrade to 2.36.7 for Focal and Jammy	wpewebkit (Ubuntu)	Medium	Incomplete
1970779	Upgrade to 2.36.7 for Focal and Jammy	wpewebkit (Ubuntu Jammy)	Undecided	Confirmed
1970779	Upgrade to 2.36.7 for Focal and Jammy	wpewebkit (Ubuntu Focal)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: https://talosintellige...
GENTOO: GLSA-202012-10
MISC: https://www.oracle.com...