VDB

CVE-2020-9894

CVE-2020-9894 PUBLISHED

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

EPSS 0.51% · 67.0th percentile

Risk Scores

EPSS Score
0.51%
67.0th percentile

Affected Products

VendorProductVersions
Ubuntu:22.04:LTSqtwebkit-opensource-src0, *, *
Ubuntu:16.04:LTSqtwebkit-source0, 2.3.2-0ubuntu11, 2.3.2-0ubuntu10
Ubuntu:18.04:LTSqtwebkit-source0, 2.3.2-0ubuntu13
Ubuntu:18.04:LTSwebkitgtk2.4.11-3ubuntu2, 0, 2.4.11-3
Ubuntu:20.04:LTSqtwebkit-opensource-src5.212.0~alpha3-3, 5.212.0~alpha4-1, 5.212.0~alpha4-1ubuntu2
Ubuntu:16.04:LTSwebkit2gtk2.10.8-1ubuntu1, 2.16.1-0ubuntu0.16.04.1, 2.14.2-0ubuntu0.16.04.1
Ubuntu:20.04:LTSwebkit2gtk2.28.3-0ubuntu0.20.04.1, 2.28.2-0ubuntu0.20.04.1, 2.28.1-1
Ubuntu:20.04:LTSwpewebkit0, 2.26.3-1, 2.26.4-1build1
Ubuntu:24.04:LTSqtwebkit-opensource-src5.212.0~alpha4-34, 5.212.0~alpha4-33, 0
Ubuntu:18.04:LTSqtwebkit-opensource-src*, 5.9.1+dfsg-5ubuntu3, 0
Ubuntu:18.04:LTSwebkit2gtk2.22.5-0ubuntu0.18.04.1, 2.22.4-0ubuntu0.18.04.1, 2.22.2-0ubuntu0.18.04.2
Ubuntu:16.04:LTSqtwebkit-opensource-src0, 5.4.2+dfsg-1ubuntu2.1, 5.5.1+dfsg-2ubuntu1
Ubuntu:16.04:LTSwebkitgtk0, 2.4.9-2ubuntu2, 2.4.10-0ubuntu1

Timeline

  • Jul 15, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›