CVE-2019-8720

KEV
Published: Mar 06, 2023 Last Modified: Nov 18, 2025
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0784
Percentile
0,9th
Updated

EPSS Score Trend (Last 90 Days)

119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Stable
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Execute Unauthorized Code Or Commands Modify Memory Read Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory)
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Likelihood of Exploit: High
View CWE Details
Operating System

Enterprise Linux by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux
Version 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:arm64:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Tus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Tus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Ibm Z Systems Eus
Version 8.0
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Wpe Webkit by Wpewebkit

Product Information
Vendor Wpewebkit
Product Wpe Webkit
Version Range Affected
To 2.26.0 (exclusive)
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Big Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Big Endian
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Eus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:arm64:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Desktop by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Desktop
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Scientific Computing by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Scientific Computing
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Ibm Z Systems Eus
Version 8.6
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Ibm Z Systems Eus
Version 8.4
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian
Version 8.0
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Power Little Endian Eus
Version 8.4
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Eus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian Eus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Workstation by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Workstation
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Power Little Endian Eus
Version 8.6
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Arm64 Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Arm64 Eus
Version 8.0
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems
Version 8.0
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder Eus
Version 8.6
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder
Version 8.0
cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Webkitgtk by Webkitgtk

Product Information
Vendor Webkitgtk
Product Webkitgtk
Version Range Affected
To 2.26.0 (exclusive)
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems Eus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Arm64 Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Arm64 Eus
Version 8.4
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Tus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Tus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder Eus
Version 8.4
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Power Little Endian Eus
Version 8.0
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:arm64:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Arm64 Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Arm64 Eus
Version 8.6
cpe:2.3:o:redhat:enterprise_linux_for_arm64_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Codeready Linux Builder For Arm64 Eus by Redhat

Product Information
Vendor Redhat
Product Codeready Linux Builder For Arm64 Eus
Version 8.6
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalo…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019…
https://bugzilla.redhat.com/show_bug.cgi?id=1876611
https://bugzilla.redhat.com/show_bug.cgi?id=1876611
https://webkitgtk.org/security/WSA-2019-0005.html
https://webkitgtk.org/security/WSA-2019-0005.html
https://bugzilla.redhat.com/show_bug.cgi?id=1876611
https://bugzilla.redhat.com/show_bug.cgi?id=1876611
https://webkitgtk.org/security/WSA-2019-0005.html
https://webkitgtk.org/security/WSA-2019-0005.html