webkit2gtk: use-after-free may lead to arbitrary code execution via crafted web content (CVE-2020-13558)| ID: oval:org.secpod.oval:def:1801941 | Date: (C)2021-08-02 (M)2024-05-22 |
| Class: PATCH | Family: unix |
Processing maliciously crafted web content may lead to arbitrary code execution. A use after free issue in the AudioSourceProviderGStreamer class was addressed with improved memory management. Versions affected: WebKitGTK before 2.30.5 and WPE WebKit before 2.30.5. Reference: https://webkitgtk.org/security/WSA-2021-0001.html
| Platform: |
| Alpine Linux 3.13 |
| Alpine Linux 3.14 |
