Unrated severityNVD Advisory· Published Dec 8, 2020· Updated Aug 4, 2024

CVE-2020-27918

Description

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected products

105

osv-coords101 versions
pkg:rpm/almalinux/accountsservice pkg:rpm/almalinux/accountsservice-devel pkg:rpm/almalinux/accountsservice-libs pkg:rpm/almalinux/gdm pkg:rpm/almalinux/gnome-autoar pkg:rpm/almalinux/gnome-calculator pkg:rpm/almalinux/gnome-classic-session pkg:rpm/almalinux/gnome-control-center pkg:rpm/almalinux/gnome-control-center-filesystem pkg:rpm/almalinux/gnome-online-accounts pkg:rpm/almalinux/gnome-online-accounts-devel pkg:rpm/almalinux/gnome-session pkg:rpm/almalinux/gnome-session-kiosk-session pkg:rpm/almalinux/gnome-session-wayland-session pkg:rpm/almalinux/gnome-session-xsession pkg:rpm/almalinux/gnome-settings-daemon pkg:rpm/almalinux/gnome-shell pkg:rpm/almalinux/gnome-shell-extension-apps-menu pkg:rpm/almalinux/gnome-shell-extension-auto-move-windows pkg:rpm/almalinux/gnome-shell-extension-common pkg:rpm/almalinux/gnome-shell-extension-dash-to-dock pkg:rpm/almalinux/gnome-shell-extension-desktop-icons pkg:rpm/almalinux/gnome-shell-extension-disable-screenshield pkg:rpm/almalinux/gnome-shell-extension-drive-menu pkg:rpm/almalinux/gnome-shell-extension-gesture-inhibitor pkg:rpm/almalinux/gnome-shell-extension-horizontal-workspaces pkg:rpm/almalinux/gnome-shell-extension-launch-new-instance pkg:rpm/almalinux/gnome-shell-extension-native-window-placement pkg:rpm/almalinux/gnome-shell-extension-no-hot-corner pkg:rpm/almalinux/gnome-shell-extension-panel-favorites pkg:rpm/almalinux/gnome-shell-extension-places-menu pkg:rpm/almalinux/gnome-shell-extension-screenshot-window-sizer pkg:rpm/almalinux/gnome-shell-extension-systemMonitor pkg:rpm/almalinux/gnome-shell-extension-top-icons pkg:rpm/almalinux/gnome-shell-extension-updates-dialog pkg:rpm/almalinux/gnome-shell-extension-user-theme pkg:rpm/almalinux/gnome-shell-extension-window-grouper pkg:rpm/almalinux/gnome-shell-extension-window-list pkg:rpm/almalinux/gnome-shell-extension-windowsNavigator pkg:rpm/almalinux/gnome-shell-extension-workspace-indicator pkg:rpm/almalinux/gnome-software pkg:rpm/almalinux/gnome-software-devel pkg:rpm/almalinux/gsettings-desktop-schemas pkg:rpm/almalinux/gsettings-desktop-schemas-devel pkg:rpm/almalinux/gtk3 pkg:rpm/almalinux/gtk3-devel pkg:rpm/almalinux/gtk3-immodule-xim pkg:rpm/almalinux/gtk-update-icon-cache pkg:rpm/almalinux/LibRaw pkg:rpm/almalinux/LibRaw-devel pkg:rpm/almalinux/mutter pkg:rpm/almalinux/mutter-devel pkg:rpm/almalinux/vino pkg:rpm/almalinux/webkit2gtk3 pkg:rpm/almalinux/webkit2gtk3-devel pkg:rpm/almalinux/webkit2gtk3-jsc pkg:rpm/almalinux/webkit2gtk3-jsc-devel pkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.2 pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.3 pkg:rpm/suse/webkit2gtk3&distro=HPE%20Helion%20OpenStack%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%206 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 0.6.55-2.el8+ 100 more
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 0.6.55-2.el8
- (no CPE)range: < 1:40.0-15.el8
- (no CPE)range: < 0.2.3-2.el8
- (no CPE)range: < 3.28.2-2.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.28.2-28.el8
- (no CPE)range: < 3.28.2-28.el8
- (no CPE)range: < 3.28.2-3.el8
- (no CPE)range: < 3.28.2-3.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.28.1-13.el8
- (no CPE)range: < 3.32.0-16.el8.alma
- (no CPE)range: < 3.32.2-40.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.32.1-20.el8
- (no CPE)range: < 3.36.1-10.el8
- (no CPE)range: < 3.36.1-10.el8
- (no CPE)range: < 3.32.0-6.el8
- (no CPE)range: < 3.32.0-6.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 3.22.30-8.el8
- (no CPE)range: < 0.19.5-3.el8
- (no CPE)range: < 0.19.5-3.el8
- (no CPE)range: < 3.32.2-60.el8
- (no CPE)range: < 3.32.2-60.el8
- (no CPE)range: < 3.22.0-11.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.3-2.el8
- (no CPE)range: < 2.32.4-1.1
- (no CPE)range: < 2.32.0-lp152.2.13.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.32.0-3.15.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.0-3.15.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.0-3.74.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
Apple Inc./tvOSv5
Range: unspecified
Apple Inc./macOSv5
Range: unspecified
Apple Inc./watchOSv5
Range: unspecified
Apple Inc./iOS and iPadOScpe-rescue
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EQ3U3VBSOJB46WCO66TEWE5OAXLTU3YW/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/mitrevendor-advisoryx_refsource_FEDORA
security.gentoo.org/glsa/202104-03mitrevendor-advisoryx_refsource_GENTOO
www.debian.org/security/2021/dsa-4877mitrevendor-advisoryx_refsource_DEBIAN
seclists.org/fulldisclosure/2020/Dec/32mitremailing-listx_refsource_FULLDISC
www.openwall.com/lists/oss-security/2021/03/22/1mitremailing-listx_refsource_MLIST
support.apple.com/en-us/HT211928mitrex_refsource_MISC
support.apple.com/en-us/HT211929mitrex_refsource_MISC
support.apple.com/en-us/HT211930mitrex_refsource_MISC
support.apple.com/en-us/HT211931mitrex_refsource_MISC
support.apple.com/en-us/HT211933mitrex_refsource_MISC
support.apple.com/en-us/HT211934mitrex_refsource_MISC
support.apple.com/en-us/HT211935mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000