CVE-2019-8720

high-risk
Published 2023-03-06

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.

Do I need to act?

~
4.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (20)

Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Ibm Z Systems Eus
Codeready Linux Builder For Ibm Z Systems Eus
Codeready Linux Builder For Ibm Z Systems Eus

Affected Vendors

Redhat Webkitgtk Wpewebkit

References (5)

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1876611
Vendor Advisory https://webkitgtk.org/security/WSA-2019-0005.html
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1876611
Vendor Advisory https://webkitgtk.org/security/WSA-2019-0005.html
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-...
68
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 14/34 · Moderate
Exposure 24/34 · High