CVE-2020-13558: Use After Free
First published: Wed Mar 03 2021(Updated: )
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WebKitGTK WebKitGTK | =2.30.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this code execution vulnerability?
The vulnerability ID of this code execution vulnerability is CVE-2020-13558.
In which software does the vulnerability CVE-2020-13558 exist?
The vulnerability CVE-2020-13558 exists in WebKitGTK 2.30.1.
What is the severity of vulnerability CVE-2020-13558?
The severity of vulnerability CVE-2020-13558 is high with a CVSS score of 8.8.
What is the CWE ID associated with vulnerability CVE-2020-13558?
The CWE ID associated with vulnerability CVE-2020-13558 is CWE-416.
How can I fix vulnerability CVE-2020-13558?
To fix vulnerability CVE-2020-13558, it is recommended to update WebKitGTK to a version that includes the necessary patch or apply the patch provided by the vendor.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/webkitgtk
- canonical/webkitgtk webkitgtk
- version/webkitgtk webkitgtk/2.30.1