VDB

CVE-2017-17821

CVE-2017-17821 PUBLISHED

WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.

EPSS 0.68% · 72.0th percentile

Risk Scores

EPSS Score
0.68%
72.0th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSqtwebkit-opensource-src5.4.2+dfsg-1ubuntu2.1, 5.5.1+dfsg-2ubuntu1, 0
Ubuntu:16.04:LTSqtwebkit-source0, 2.3.2-0ubuntu11, 2.3.2-0ubuntu10
Ubuntu:18.04:LTSqtwebkit-source2.3.2-0ubuntu13, 0
Ubuntu:18.04:LTSwebkitgtk2.4.11-3ubuntu2, 2.4.11-3ubuntu3, 0
Ubuntu:22.04:LTSqtwebkit-opensource-src5.212.0~alpha4-14build1, 5.212.0~alpha4-14, 5.212.0~alpha4-13
Ubuntu:24.04:LTSqtwebkit-opensource-src*, 0, 5.212.0~alpha4-34
Ubuntu:16.04:LTSwebkitgtk0, 2.4.9-2ubuntu2, 2.4.11-0ubuntu0.1
Ubuntu:20.04:LTSqtwebkit-opensource-src5.212.0~alpha4-1ubuntu2, 5.212.0~alpha3-3, 5.212.0~alpha3-5
Ubuntu:18.04:LTSqtwebkit-opensource-src0, 5.9.1+dfsg-5ubuntu3, 5.212.0~alpha2-7

Exploit Intelligence

Timeline

  • Dec 21, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • May 14, 2022 CVE Updated
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›