CVE-2019-0006
published 2019-01-15CVE-2019-0006: A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.26%
91.5th percentile
A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | ex_series | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for crafted HTTP packets destined directly to the device (not transit traffic) on Juniper EX, QFX, or MX Series devices in a Virtual Chassis configuration, which may cause the fxpc (Packet Forwarding Engine manager) daemon to crash or behave anomalously. ↗
- →Monitor for unexpected crashes or restarts of the fxpc daemon on Juniper Virtual Chassis devices as a potential indicator of exploitation attempts. ↗
- →Exploitation requires the crafted packet to be addressed to the device itself; filter and alert on anomalous HTTP traffic destined to the management or data-plane interfaces of Virtual Chassis members. ↗
- ·Vulnerability only affects devices operating in a Virtual Chassis configuration; standalone devices are not affected. ↗
- ·Affected Junos OS versions: 14.1X53 prior to 14.1X53-D47 (EX/QFX Virtual Chassis), 15.1 prior to 15.1R7-S3 (all Virtual Chassis), and 15.1X53 prior to 15.1X53-D50 (EX/QFX Virtual Chassis). Devices running fixed versions are not vulnerable. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8768-g4fm-ccgh: A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on
ghsa_unreviewed·2022-05-13
CVE-2019-0006 [CRITICAL] CWE-908 GHSA-8768-g4fm-ccgh: A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on
A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.
Juniper
CVE-2019-0006: A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on
vendor_juniper·2019-01-15·CVSS 9.8
CVE-2019-0006 [CRITICAL] CWE-908 CVE-2019-0006: A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on
CVE-2019-0006: A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8823 [HIGH] CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8823
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8814 [HIGH] CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8814
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before 2.26.2.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8821 [HIGH] CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8821
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8819 [HIGH] CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8819
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8815 [HIGH] CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8815
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8710 [HIGH] CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8710
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8766 [HIGH] CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8766
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8743
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8811 [HIGH] CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8811
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8820 [HIGH] CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8820
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8812 [HIGH] CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8812
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before 2.26.2.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8822 [HIGH] CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8822
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8782 [HIGH] CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8782
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8816 [HIGH] CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8816
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8765 [HIGH] CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8765
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8808 [HIGH] CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8808
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
bugzilla·2020-09-07·CVSS 8.8
CVE-2019-8783 [HIGH] CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8783
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https
Bugzilla
CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
bugzilla·2020-09-07·CVSS 6.1
CVE-2019-8764 [MEDIUM] CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8764
Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Description: A logic issue was addressed with improved state management.
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before 2.26.0.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redha
Bugzilla
CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
bugzilla·2020-09-07·CVSS 6.1
CVE-2019-8813 [MEDIUM] CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
WebKitGTK Security Advisory WSA-2019-0006 describes the following issue:
CVE-2019-8813
Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Description: A logic issue was addressed with improved state management.
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before 2.26.1.
Discussion:
External References:
https://webkitgtk.org/security/WSA-2019-0006.html
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4035 https://access.redhat.com/errata/RHSA-2020:4035
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redha
2019-01-15
Published