CVSS: 9.8EPSS: 1%CPEs: 10EXPL: 0CVE-2021-1870 – Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1870
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de lógica con unas restricciones mejoradas. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU https://security.gentoo.org/glsa/202104-03 https://support.apple.com/en-us/HT212146 https://support.apple.com/en-us/HT212147 https://access.redhat.com/security/cve/CVE-2021-1870 https://bugzilla.redhat.com/show_bug.cgi?id=1944350 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2020-13753
https://notcve.org/view.php?id=CVE-2020-13753
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226. El sandbox bubblewrap de WebKitGTK y WPE WebKit, versiones anteriores a 2.28.3, no pudo bloquear apropiadamente el acceso a CLONE_NEWUSER y al ioctl TIOCSTI. CLONE_NEWUSER podría ser usada potencialmente para confundir xdg-desktop-portal, que permite el acceso fuera del sandbox. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00074.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GER2ATKZXDHM7FFYJH67ZPNZZX5VOUVM https://security.gentoo.org/glsa/202007-11 https://trac.webkit.org/changeset/262368/webkit https://usn.ubuntu.com/4422-1 https://www.debian.org/security/2020/dsa-4724 https://www.openwall.com/lists/oss-security/2020/07/10/1 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-11793 – webkitgtk: use-after-free via crafted web content
https://notcve.org/view.php?id=CVE-2020-11793
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). Hay un uso de la memoria previamente liberada en WebKitGTK versiones anteriores a la versión 2.28.1 y WPE WebKit versiones anteriores a la versión 2.28.1, por medio de un contenido web especialmente diseñado que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria y bloqueo de aplicación). A use-after-free flaw exists in WebKitGTK. This flaw allows remote attackers to execute arbitrary code or cause a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3P4YISPE5QX4YD54GDRZIH2X5RCH3QGW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3MQTRC6ITFTVS5R5Z24PMJS6FXJKGRD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTKY2MWP6PB6TE3ZKOOMKX7HZUCQNYF6 https://security.gentoo.org/glsa/202006-08 https://usn.ubuntu.com/4331-1 https://webkitg • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-10018 – webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
https://notcve.org/view.php?id=CVE-2020-10018
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. WebKitGTK hasta la versión 2.26.4 y WPE WebKit hasta la versión 2.26.4 (que son las versiones anteriores a la versión 2.28.0) contiene un problema de corrupción de memoria (use-after-free) que puede conducir a la ejecución de código arbitrario. Este problema se ha solucionado en 2.28.0 con un manejo mejorado de la memoria. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00008.html https://bugs.webkit.org/show_bug.cgi?id=204342#c21 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOR5LPL4UASVAR76EIHCL4O2KGDWGC6K https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLERWAS2LL7SX2GHA2DDZ2PL3QC5OHIF https://security.gentoo.org/glsa/202006-08 https://usn.ubuntu.com/4310-1 https://webkitgtk.org/security/WSA-2020-0003.html https://wpewebki • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2020-3867 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2020-3867
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en iOS versión 13.3.1 y iPadOS versión 13.3.1, tvOS versión 13.3.1, Safari versión 13.0.5, iTunes para Windows versión 12.10.4, iCloud para Windows versión 11.0, iCloud para Windows versión 7.17. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00004.html https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210947 https://support.apple.com/HT210948 https://access.redhat.com/security/cve/CVE-2020-3867 https://bugzilla.redhat.com/show_bug.cgi?id=1876522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •