CVE-2020-3897

HIGH8.8EPSS 2.5%

發布日:2020/4/1修改日:2026/4/28

描述

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.

受影響套件(2)

Debian/webkit2gtkfrom 0, < 2.28.0-2
Debian/wpewebkitfrom 0, < 2.28.0-1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2020-3897