CVE-2018-12294 — Use After Free in Webkitgtk

CWE-416 — Use After Free5 documents5 sources
Severity
8.8HIGHNVD
EPSS
0.7%
top 27.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Webkit Webkitgtk
Timeline
PublishedJun 19
Latest updateMay 14

Description

WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

â–¶NVDwebkit/webkitgtk< 2.20.2

🔴Vulnerability Details

3
GHSA
GHSA-xf2c-wp2f-v3jr: WebCore/platform/graphics/texmap/TextureMapperLayer↗2022-05-14
â–¶
OSV
CVE-2018-12294: WebCore/platform/graphics/texmap/TextureMapperLayer↗2018-06-19
â–¶
CVEList
CVE-2018-12294: WebCore/platform/graphics/texmap/TextureMapperLayer↗2018-06-19
â–¶

📋Vendor Advisories

1
Debian
CVE-2018-12294: webkit2gtk - WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in We...↗2018
â–¶
CVE-2018-12294 — Use After Free in Webkit Webkitgtk | cvebase