VDB

CVE-2020-13543

CVE-2020-13543 PUBLISHED

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.

EPSS 1.49% · 81.4th percentile

Risk Scores

EPSS Score
1.49%
81.4th percentile

Affected Products

VendorProductVersions
Ubuntu:22.04:LTSqtwebkit-opensource-src*, *, 0
Ubuntu:20.04:LTSwpewebkit0, 2.26.4-1build1, 2.26.4-1
Ubuntu:18.04:LTSqtwebkit-source2.3.2-0ubuntu13, 0
Ubuntu:20.04:LTSqtwebkit-opensource-src*, *, 0
Ubuntu:24.04:LTSqtwebkit-opensource-src5.212.0~alpha4-33build1, 0, 5.212.0~alpha4-33
Ubuntu:18.04:LTSqtwebkit-opensource-src5.212.0~alpha2-7ubuntu1, 5.212.0~alpha2-7build2, 5.212.0~alpha2-5build4
Ubuntu:22.04:LTSwpewebkit2.36.0-2ubuntu2, 2.34.4-1, 2.34.1-1
Ubuntu:16.04:LTSqtwebkit-source2.3.2-0ubuntu10, 2.3.2-0ubuntu11, 0
Ubuntu:20.04:LTSwebkit2gtk2.26.1-3, 2.28.4-0ubuntu0.20.04.1, 0
Ubuntu:16.04:LTSqtwebkit-opensource-src0, 5.5.1+dfsg-2ubuntu1, 5.4.2+dfsg-1ubuntu2.1
Ubuntu:18.04:LTSwebkit2gtk2.28.1-0ubuntu0.18.04.1, 2.18.0-2, 2.18.0-2build1
Ubuntu:16.04:LTSwebkit2gtk2.14.2-0ubuntu0.16.04.1, 2.14.5-0ubuntu0.16.04.1, 2.16.1-0ubuntu0.16.04.1
Ubuntu:18.04:LTSwebkitgtk2.4.11-3, 2.4.11-3ubuntu2, 2.4.11-3ubuntu3
Ubuntu:16.04:LTSwebkitgtk2.4.11-0ubuntu0.1, 2.4.10-0ubuntu1, 2.4.9-2ubuntu2

Exploit Intelligence

Timeline

  • Dec 3, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Apr 20, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›