VDB

CVE-2020-13584

CVE-2020-13584 PUBLISHED

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.

EPSS 0.78% · 74.1th percentile

Risk Scores

EPSS Score
0.78%
74.1th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSwebkit2gtk2.10.3+dfsg1-1, 2.18.4-0ubuntu0.16.04.1, 2.18.0-0ubuntu0.16.04.2
Ubuntu:22.04:LTSwpewebkit2.32.4-1, 2.34.1-1, 0
Ubuntu:18.04:LTSqtwebkit-source2.3.2-0ubuntu13, 0
Ubuntu:18.04:LTSwebkit2gtk2.28.4-0ubuntu0.18.04.1, 0, 2.18.0-2
Ubuntu:20.04:LTSwebkit2gtk2.26.1-3, 2.26.2-1, 0
Ubuntu:18.04:LTSqtwebkit-opensource-src5.9.1+dfsg-5ubuntu3, 5.9.1+dfsg-5ubuntu1, 0
Ubuntu:24.04:LTSqtwebkit-opensource-src*, *, 5.212.0~alpha4-36
Ubuntu:16.04:LTSqtwebkit-source2.3.2-0ubuntu10, 2.3.2-0ubuntu11, 0
Ubuntu:18.04:LTSwebkitgtk2.4.11-3ubuntu3, 2.4.11-3ubuntu2, 2.4.11-3
Ubuntu:20.04:LTSqtwebkit-opensource-src5.212.0~alpha3-3, *, 5.212.0~alpha4-1ubuntu2.1
Ubuntu:20.04:LTSwpewebkit0, 2.28.0-1, 2.28.1-1
Ubuntu:16.04:LTSwebkitgtk2.4.11-0ubuntu0.1, 0, 2.4.9-2ubuntu2
Ubuntu:16.04:LTSqtwebkit-opensource-src0, 5.4.2+dfsg-1ubuntu2.1, *
Ubuntu:22.04:LTSqtwebkit-opensource-src0, 5.212.0~alpha4-12, 5.212.0~alpha4-13

Exploit Intelligence

Timeline

  • Dec 3, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›