ID CVE-2021-21806
Summary An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
References
Vulnerable Configurations
  • cpe:2.3:a:webkitgtk:webkitgtk:2.30.3:*:*:*:*:*:x64:*
    cpe:2.3:a:webkitgtk:webkitgtk:2.30.3:*:*:*:*:*:x64:*
CVSS
Base: 6.8 (as of 06-10-2022 - 18:15)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
Last major update 06-10-2022 - 18:15
Published 08-07-2021 - 12:15
Last modified 06-10-2022 - 18:15
Back to Top