Remote Code Execution Vulnerability in Webkit WebKitGTK 2.30.0 via WebSocket Use-After-Free

Remote Code Execution Vulnerability in Webkit WebKitGTK 2.30.0 via WebSocket Use-After-Free

CVE-2020-13543 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.

Learn more about our Web App Pen Testing.