VDB
CVE-2019-8518
CVE-2019-8518
PUBLISHED
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
EPSS 41.80% · 97.5th percentile
Risk Scores
EPSS Score
41.80%
97.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | qtwebkit-opensource-src | *, 0, * |
| Ubuntu:18.04:LTS | webkitgtk | 2.4.11-3ubuntu3, 0, 2.4.11-3 |
| Ubuntu:18.04:LTS | qtwebkit-source | 2.3.2-0ubuntu13, 0 |
| Ubuntu:16.04:LTS | webkit2gtk | 2.8.5+dfsg1-3, 2.10.3+dfsg1-1, 2.10.4+dfsg1-1 |
| Ubuntu:16.04:LTS | webkitgtk | 0, 2.4.9-2ubuntu2, 2.4.11-0ubuntu0.1 |
| Ubuntu:18.04:LTS | webkit2gtk | 2.20.1-1, 0, 2.18.0-2 |
| Ubuntu:16.04:LTS | qtwebkit-source | 2.3.2-0ubuntu10, 0, 2.3.2-0ubuntu11 |
| Ubuntu:18.04:LTS | qtwebkit-opensource-src | 5.212.0~alpha2-7ubuntu1, 0, 5.9.1+dfsg-5ubuntu1 |
| Ubuntu:24.04:LTS | qtwebkit-opensource-src | 5.212.0~alpha4-34, 5.212.0~alpha4-34ubuntu3, 5.212.0~alpha4-34ubuntu4 |
| Ubuntu:20.04:LTS | qtwebkit-opensource-src | 5.212.0~alpha3-5, 0, * |
| Ubuntu:22.04:LTS | qtwebkit-opensource-src | *, 5.212.0~alpha4-15ubuntu1, 5.212.0~alpha4-14ubuntu2 |
Exploit Intelligence
Timeline
- Mar 26, 2019 CVE Published
- Apr 3, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 5, 2023 EPSS Score
- May 7, 2023 EPSS Score
- Jun 9, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Aug 17, 2023 EPSS Score
- Sep 4, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-8518 third-party-advisory
- https://webkitgtk.org/security/WSA-2019-0002.html third-party-advisory
- https://ubuntu.com/security/notices/USN-3948-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-8518 third-party-advisory