Open mend-for-github-com[bot] opened 10 months ago
Unofficial mirror of the WebKit SVN repository
Library home page: https://github.com/WebKit/webkit.git
Found in HEAD commit: 67e433f207a0fc9c0fb2b8f7a2906f254c8c4b87
Found in base branch: master
/node_modules/gl/angle/src/libANGLE/formatutils.cpp
Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.
Publish Date: 2021-11-02
URL: CVE-2020-16048
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16048
Release Date: 2021-11-02
Fix Resolution: 20.04.5, 20.10.3, 21.04.2, 21.10.0
CVE-2020-16048 - Medium Severity Vulnerability
Vulnerable Library - webkit96cf2aa4aeac1e4f03ee5cf45ac858b9313f1bd2
Unofficial mirror of the WebKit SVN repository
Library home page: https://github.com/WebKit/webkit.git
Found in HEAD commit: 67e433f207a0fc9c0fb2b8f7a2906f254c8c4b87
Found in base branch: master
Vulnerable Source Files (1)
/node_modules/gl/angle/src/libANGLE/formatutils.cpp
Vulnerability Details
Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.
Publish Date: 2021-11-02
URL: CVE-2020-16048
CVSS 3 Score Details (6.5)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16048
Release Date: 2021-11-02
Fix Resolution: 20.04.5, 20.10.3, 21.04.2, 21.10.0