Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2020-13543

Description

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.

POC

Reference

- https://talosintelligence.com/vulnerability_reports/TALOS-2020-1155

- https://www.oracle.com/security-alerts/cpuapr2022.html

Github

No PoCs found on GitHub currently.