Red Hat: CVE-2020-10018: CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (Multiple Advisories)
8
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
03/02/2020
10/01/2020
10/01/2020
12/15/2023
Description
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.
Solution(s)
- redhat-upgrade-dleyna-renderer
- redhat-upgrade-dleyna-renderer-debuginfo
- redhat-upgrade-dleyna-renderer-debugsource
- redhat-upgrade-frei0r-devel
- redhat-upgrade-frei0r-plugins
- redhat-upgrade-frei0r-plugins-debuginfo
- redhat-upgrade-frei0r-plugins-debugsource
- redhat-upgrade-frei0r-plugins-opencv
- redhat-upgrade-frei0r-plugins-opencv-debuginfo
- redhat-upgrade-gdm
- redhat-upgrade-gdm-debuginfo
- redhat-upgrade-gdm-debugsource
- redhat-upgrade-gnome-classic-session
- redhat-upgrade-gnome-control-center
- redhat-upgrade-gnome-control-center-debuginfo
- redhat-upgrade-gnome-control-center-debugsource
- redhat-upgrade-gnome-control-center-filesystem
- redhat-upgrade-gnome-photos
- redhat-upgrade-gnome-photos-debuginfo
- redhat-upgrade-gnome-photos-debugsource
- redhat-upgrade-gnome-photos-tests
- redhat-upgrade-gnome-remote-desktop
- redhat-upgrade-gnome-remote-desktop-debuginfo
- redhat-upgrade-gnome-remote-desktop-debugsource
- redhat-upgrade-gnome-session
- redhat-upgrade-gnome-session-debuginfo
- redhat-upgrade-gnome-session-debugsource
- redhat-upgrade-gnome-session-wayland-session
- redhat-upgrade-gnome-session-xsession
- redhat-upgrade-gnome-settings-daemon
- redhat-upgrade-gnome-settings-daemon-debuginfo
- redhat-upgrade-gnome-settings-daemon-debugsource
- redhat-upgrade-gnome-shell
- redhat-upgrade-gnome-shell-debuginfo
- redhat-upgrade-gnome-shell-debugsource
- redhat-upgrade-gnome-shell-extension-apps-menu
- redhat-upgrade-gnome-shell-extension-auto-move-windows
- redhat-upgrade-gnome-shell-extension-common
- redhat-upgrade-gnome-shell-extension-dash-to-dock
- redhat-upgrade-gnome-shell-extension-desktop-icons
- redhat-upgrade-gnome-shell-extension-disable-screenshield
- redhat-upgrade-gnome-shell-extension-drive-menu
- redhat-upgrade-gnome-shell-extension-horizontal-workspaces
- redhat-upgrade-gnome-shell-extension-launch-new-instance
- redhat-upgrade-gnome-shell-extension-native-window-placement
- redhat-upgrade-gnome-shell-extension-no-hot-corner
- redhat-upgrade-gnome-shell-extension-panel-favorites
- redhat-upgrade-gnome-shell-extension-places-menu
- redhat-upgrade-gnome-shell-extension-screenshot-window-sizer
- redhat-upgrade-gnome-shell-extension-systemmonitor
- redhat-upgrade-gnome-shell-extension-top-icons
- redhat-upgrade-gnome-shell-extension-updates-dialog
- redhat-upgrade-gnome-shell-extension-user-theme
- redhat-upgrade-gnome-shell-extension-window-grouper
- redhat-upgrade-gnome-shell-extension-window-list
- redhat-upgrade-gnome-shell-extension-windowsnavigator
- redhat-upgrade-gnome-shell-extension-workspace-indicator
- redhat-upgrade-gnome-terminal
- redhat-upgrade-gnome-terminal-debuginfo
- redhat-upgrade-gnome-terminal-debugsource
- redhat-upgrade-gnome-terminal-nautilus
- redhat-upgrade-gnome-terminal-nautilus-debuginfo
- redhat-upgrade-gsettings-desktop-schemas
- redhat-upgrade-gsettings-desktop-schemas-devel
- redhat-upgrade-gtk-doc
- redhat-upgrade-gtk-update-icon-cache
- redhat-upgrade-gtk-update-icon-cache-debuginfo
- redhat-upgrade-gtk3
- redhat-upgrade-gtk3-debuginfo
- redhat-upgrade-gtk3-debugsource
- redhat-upgrade-gtk3-devel
- redhat-upgrade-gtk3-devel-debuginfo
- redhat-upgrade-gtk3-immodule-xim
- redhat-upgrade-gtk3-immodule-xim-debuginfo
- redhat-upgrade-gtk3-immodules-debuginfo
- redhat-upgrade-gtk3-tests-debuginfo
- redhat-upgrade-gvfs
- redhat-upgrade-gvfs-afc
- redhat-upgrade-gvfs-afc-debuginfo
- redhat-upgrade-gvfs-afp
- redhat-upgrade-gvfs-afp-debuginfo
- redhat-upgrade-gvfs-archive
- redhat-upgrade-gvfs-archive-debuginfo
- redhat-upgrade-gvfs-client
- redhat-upgrade-gvfs-client-debuginfo
- redhat-upgrade-gvfs-debuginfo
- redhat-upgrade-gvfs-debugsource
- redhat-upgrade-gvfs-devel
- redhat-upgrade-gvfs-fuse
- redhat-upgrade-gvfs-fuse-debuginfo
- redhat-upgrade-gvfs-goa
- redhat-upgrade-gvfs-goa-debuginfo
- redhat-upgrade-gvfs-gphoto2
- redhat-upgrade-gvfs-gphoto2-debuginfo
- redhat-upgrade-gvfs-mtp
- redhat-upgrade-gvfs-mtp-debuginfo
- redhat-upgrade-gvfs-smb
- redhat-upgrade-gvfs-smb-debuginfo
- redhat-upgrade-libraw
- redhat-upgrade-libraw-debuginfo
- redhat-upgrade-libraw-debugsource
- redhat-upgrade-libraw-devel
- redhat-upgrade-libraw-samples-debuginfo
- redhat-upgrade-libsoup
- redhat-upgrade-libsoup-debuginfo
- redhat-upgrade-libsoup-debugsource
- redhat-upgrade-libsoup-devel
- redhat-upgrade-mutter
- redhat-upgrade-mutter-debuginfo
- redhat-upgrade-mutter-debugsource
- redhat-upgrade-mutter-devel
- redhat-upgrade-mutter-tests-debuginfo
- redhat-upgrade-nautilus
- redhat-upgrade-nautilus-debuginfo
- redhat-upgrade-nautilus-debugsource
- redhat-upgrade-nautilus-devel
- redhat-upgrade-nautilus-extensions
- redhat-upgrade-nautilus-extensions-debuginfo
- redhat-upgrade-packagekit
- redhat-upgrade-packagekit-command-not-found
- redhat-upgrade-packagekit-command-not-found-debuginfo
- redhat-upgrade-packagekit-cron
- redhat-upgrade-packagekit-debuginfo
- redhat-upgrade-packagekit-debugsource
- redhat-upgrade-packagekit-glib
- redhat-upgrade-packagekit-glib-debuginfo
- redhat-upgrade-packagekit-glib-devel
- redhat-upgrade-packagekit-gstreamer-plugin
- redhat-upgrade-packagekit-gstreamer-plugin-debuginfo
- redhat-upgrade-packagekit-gtk3-module
- redhat-upgrade-packagekit-gtk3-module-debuginfo
- redhat-upgrade-pipewire
- redhat-upgrade-pipewire-alsa-debuginfo
- redhat-upgrade-pipewire-debuginfo
- redhat-upgrade-pipewire-debugsource
- redhat-upgrade-pipewire-devel
- redhat-upgrade-pipewire-doc
- redhat-upgrade-pipewire-gstreamer-debuginfo
- redhat-upgrade-pipewire-libs
- redhat-upgrade-pipewire-libs-debuginfo
- redhat-upgrade-pipewire-utils
- redhat-upgrade-pipewire-utils-debuginfo
- redhat-upgrade-pipewire0-2-debugsource
- redhat-upgrade-pipewire0-2-devel
- redhat-upgrade-pipewire0-2-libs
- redhat-upgrade-pipewire0-2-libs-debuginfo
- redhat-upgrade-potrace
- redhat-upgrade-potrace-debuginfo
- redhat-upgrade-potrace-debugsource
- redhat-upgrade-pygobject3-debuginfo
- redhat-upgrade-pygobject3-debugsource
- redhat-upgrade-pygobject3-devel
- redhat-upgrade-python3-gobject
- redhat-upgrade-python3-gobject-base
- redhat-upgrade-python3-gobject-base-debuginfo
- redhat-upgrade-python3-gobject-debuginfo
- redhat-upgrade-tracker
- redhat-upgrade-tracker-debuginfo
- redhat-upgrade-tracker-debugsource
- redhat-upgrade-tracker-devel
- redhat-upgrade-vte-profile
- redhat-upgrade-vte291
- redhat-upgrade-vte291-debuginfo
- redhat-upgrade-vte291-debugsource
- redhat-upgrade-vte291-devel
- redhat-upgrade-vte291-devel-debuginfo
- redhat-upgrade-webkit2gtk3
- redhat-upgrade-webkit2gtk3-debuginfo
- redhat-upgrade-webkit2gtk3-debugsource
- redhat-upgrade-webkit2gtk3-devel
- redhat-upgrade-webkit2gtk3-devel-debuginfo
- redhat-upgrade-webkit2gtk3-jsc
- redhat-upgrade-webkit2gtk3-jsc-debuginfo
- redhat-upgrade-webkit2gtk3-jsc-devel
- redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo
- redhat-upgrade-webkitgtk4
- redhat-upgrade-webkitgtk4-debuginfo
- redhat-upgrade-webkitgtk4-devel
- redhat-upgrade-webkitgtk4-doc
- redhat-upgrade-webkitgtk4-jsc
- redhat-upgrade-webkitgtk4-jsc-devel
- redhat-upgrade-webrtc-audio-processing
- redhat-upgrade-webrtc-audio-processing-debuginfo
- redhat-upgrade-webrtc-audio-processing-debugsource
- redhat-upgrade-xdg-desktop-portal
- redhat-upgrade-xdg-desktop-portal-debuginfo
- redhat-upgrade-xdg-desktop-portal-debugsource
- redhat-upgrade-xdg-desktop-portal-gtk
- redhat-upgrade-xdg-desktop-portal-gtk-debuginfo
- redhat-upgrade-xdg-desktop-portal-gtk-debugsource
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center