DEBIAN-CVE-2020-9802

DEBIAN-CVE-2020-9802 PUBLISHED CVSS 8.800000190734863 HIGH

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

Risk Scores

CVSS 3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:13	wpewebkit	0, 0, 0
Debian:13	webkit2gtk	0, 0, 0
Debian:11	webkit2gtk	0, 0, 0
Debian:12	wpewebkit	0, 0, 0
Debian:12	webkit2gtk	0, 0, 0
Debian:14	wpewebkit	0, 0, 0
Debian:14	webkit2gtk	0, 0, 0
Debian:11	wpewebkit	0, 0, 0

Exploit Intelligence

khcujw/CVE-2020-9802 (github-poc-repo)
iOS browser exploit for CVE-2020-9802, an old JIT bug. (github-poc-repo)
iOS browser exploit for CVE-2020-9802, an old JIT bug. (github-poc)
khcujw/CVE-2020-9802 (github-poc)

Timeline

Jun 9, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-9802 advisory

Open in Interactive Console →