Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

CVE-2020-9951

Description

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected products

125

osv-coords124 versions
pkg:rpm/almalinux/accountsservice-devel pkg:rpm/almalinux/atkmm pkg:rpm/almalinux/atkmm-devel pkg:rpm/almalinux/atkmm-doc pkg:rpm/almalinux/cairomm pkg:rpm/almalinux/cairomm-devel pkg:rpm/almalinux/cairomm-doc pkg:rpm/almalinux/chrome-gnome-shell pkg:rpm/almalinux/dleyna-core pkg:rpm/almalinux/dleyna-server pkg:rpm/almalinux/enchant2 pkg:rpm/almalinux/enchant2-devel pkg:rpm/almalinux/gamin pkg:rpm/almalinux/gamin-devel pkg:rpm/almalinux/geoclue2 pkg:rpm/almalinux/geoclue2-demos pkg:rpm/almalinux/geoclue2-devel pkg:rpm/almalinux/geoclue2-libs pkg:rpm/almalinux/geocode-glib pkg:rpm/almalinux/geocode-glib-devel pkg:rpm/almalinux/gjs pkg:rpm/almalinux/gjs-devel pkg:rpm/almalinux/glib2-doc pkg:rpm/almalinux/glib2-static pkg:rpm/almalinux/glibmm24 pkg:rpm/almalinux/glibmm24-devel pkg:rpm/almalinux/glibmm24-doc pkg:rpm/almalinux/gnome-boxes pkg:rpm/almalinux/gnome-photos pkg:rpm/almalinux/gnome-photos-tests pkg:rpm/almalinux/gnome-terminal pkg:rpm/almalinux/gnome-terminal-nautilus pkg:rpm/almalinux/gtk2 pkg:rpm/almalinux/gtk2-devel pkg:rpm/almalinux/gtk2-devel-docs pkg:rpm/almalinux/gtk2-immodules pkg:rpm/almalinux/gtk2-immodule-xim pkg:rpm/almalinux/gtk-doc pkg:rpm/almalinux/gtkmm24 pkg:rpm/almalinux/gtkmm24-devel pkg:rpm/almalinux/gtkmm24-docs pkg:rpm/almalinux/gtkmm30 pkg:rpm/almalinux/gtkmm30-devel pkg:rpm/almalinux/gtkmm30-doc pkg:rpm/almalinux/gvfs pkg:rpm/almalinux/gvfs-afc pkg:rpm/almalinux/gvfs-afp pkg:rpm/almalinux/gvfs-archive pkg:rpm/almalinux/gvfs-client pkg:rpm/almalinux/gvfs-devel pkg:rpm/almalinux/gvfs-fuse pkg:rpm/almalinux/gvfs-goa pkg:rpm/almalinux/gvfs-gphoto2 pkg:rpm/almalinux/gvfs-mtp pkg:rpm/almalinux/gvfs-smb pkg:rpm/almalinux/libdazzle pkg:rpm/almalinux/libdazzle-devel pkg:rpm/almalinux/libepubgen pkg:rpm/almalinux/libepubgen-devel pkg:rpm/almalinux/libsass pkg:rpm/almalinux/libsass-devel pkg:rpm/almalinux/libsigc%2B%2B20 pkg:rpm/almalinux/libsigc%2B%2B20-devel pkg:rpm/almalinux/libsigc%2B%2B20-doc pkg:rpm/almalinux/libvisual pkg:rpm/almalinux/libvisual-devel pkg:rpm/almalinux/mutter-devel pkg:rpm/almalinux/nautilus pkg:rpm/almalinux/nautilus-devel pkg:rpm/almalinux/nautilus-extensions pkg:rpm/almalinux/OpenEXR-devel pkg:rpm/almalinux/OpenEXR-libs pkg:rpm/almalinux/pangomm pkg:rpm/almalinux/pangomm-devel pkg:rpm/almalinux/pangomm-doc pkg:rpm/almalinux/soundtouch pkg:rpm/almalinux/soundtouch-devel pkg:rpm/almalinux/vala pkg:rpm/almalinux/vala-devel pkg:rpm/almalinux/woff2 pkg:rpm/almalinux/woff2-devel pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.2 pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.3 pkg:rpm/suse/webkit2gtk3&distro=HPE%20Helion%20OpenStack%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%206 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.1 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 0.6.55-1.el8+ 123 more
- (no CPE)range: < 0.6.55-1.el8
- (no CPE)range: < 2.24.2-7.el8
- (no CPE)range: < 2.24.2-7.el8
- (no CPE)range: < 2.24.2-7.el8
- (no CPE)range: < 1.12.0-8.el8
- (no CPE)range: < 1.12.0-8.el8
- (no CPE)range: < 1.12.0-8.el8
- (no CPE)range: < 10.1-7.el8
- (no CPE)range: < 0.6.0-3.el8
- (no CPE)range: < 0.6.0-3.el8
- (no CPE)range: < 2.2.3-3.el8
- (no CPE)range: < 2.2.3-3.el8
- (no CPE)range: < 0.1.10-32.el8
- (no CPE)range: < 0.1.10-32.el8
- (no CPE)range: < 2.5.5-2.el8
- (no CPE)range: < 2.5.5-2.el8
- (no CPE)range: < 2.5.5-2.el8
- (no CPE)range: < 2.5.5-2.el8
- (no CPE)range: < 3.26.0-3.el8
- (no CPE)range: < 3.26.0-3.el8
- (no CPE)range: < 1.56.2-5.el8
- (no CPE)range: < 1.56.2-5.el8
- (no CPE)range: < 2.56.4-9.el8
- (no CPE)range: < 2.56.4-9.el8
- (no CPE)range: < 2.56.0-2.el8
- (no CPE)range: < 2.56.0-2.el8
- (no CPE)range: < 2.56.0-2.el8
- (no CPE)range: < 3.36.5-8.el8
- (no CPE)range: < 3.28.1-4.el8
- (no CPE)range: < 3.28.1-4.el8
- (no CPE)range: < 3.28.3-3.el8
- (no CPE)range: < 3.28.3-3.el8
- (no CPE)range: < 2.24.32-5.el8
- (no CPE)range: < 2.24.32-5.el8
- (no CPE)range: < 2.24.32-5.el8
- (no CPE)range: < 2.24.32-5.el8
- (no CPE)range: < 2.24.32-5.el8
- (no CPE)range: < 1.28-3.el8
- (no CPE)range: < 2.24.5-6.el8
- (no CPE)range: < 2.24.5-6.el8
- (no CPE)range: < 2.24.5-6.el8
- (no CPE)range: < 3.22.2-3.el8
- (no CPE)range: < 3.22.2-3.el8
- (no CPE)range: < 3.22.2-3.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 1.36.2-11.el8
- (no CPE)range: < 3.28.5-2.el8
- (no CPE)range: < 3.28.5-2.el8
- (no CPE)range: < 0.1.0-3.el8
- (no CPE)range: < 0.1.0-3.el8
- (no CPE)range: < 3.4.5-6.el8
- (no CPE)range: < 3.4.5-6.el8
- (no CPE)range: < 2.10.0-6.el8
- (no CPE)range: < 2.10.0-6.el8
- (no CPE)range: < 2.10.0-6.el8
- (no CPE)range: < 1:0.4.0-25.el8
- (no CPE)range: < 1:0.4.0-25.el8
- (no CPE)range: < 3.32.2-57.el8
- (no CPE)range: < 3.28.1-15.el8
- (no CPE)range: < 3.28.1-15.el8
- (no CPE)range: < 3.28.1-15.el8
- (no CPE)range: < 2.2.0-12.el8
- (no CPE)range: < 2.2.0-12.el8
- (no CPE)range: < 2.40.1-6.el8
- (no CPE)range: < 2.40.1-6.el8
- (no CPE)range: < 2.40.1-6.el8
- (no CPE)range: < 2.0.0-3.el8
- (no CPE)range: < 2.0.0-3.el8
- (no CPE)range: < 0.40.19-2.el8
- (no CPE)range: < 0.40.19-2.el8
- (no CPE)range: < 1.0.2-5.el8
- (no CPE)range: < 1.0.2-5.el8
- (no CPE)range: < 2.30.3-lp151.2.28.2
- (no CPE)range: < 2.30.3-lp152.2.7.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.34.3-3.92.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-3.92.1
- (no CPE)range: < 2.34.3-3.92.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.30.3-3.63.2
- (no CPE)range: < 2.30.3-3.63.2
- (no CPE)range: < 2.30.3-3.63.2
- (no CPE)range: < 2.30.3-3.9.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.30.3-3.63.2
- (no CPE)range: < 2.30.3-3.9.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.34.3-3.92.1
- (no CPE)range: < 2.34.3-3.92.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.30.3-3.63.2
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.30.3-3.63.2
- (no CPE)range: < 2.34.3-3.92.1
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.34.3-23.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
- (no CPE)range: < 2.32.1-2.63.3
Apple Inc./Safariv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.gentoo.org/glsa/202012-10mitrevendor-advisoryx_refsource_GENTOO
www.debian.org/security/2020/dsa-4797mitrevendor-advisoryx_refsource_DEBIAN
seclists.org/fulldisclosure/2020/Nov/18mitremailing-listx_refsource_FULLDISC
seclists.org/fulldisclosure/2020/Nov/19mitremailing-listx_refsource_FULLDISC
seclists.org/fulldisclosure/2020/Nov/20mitremailing-listx_refsource_FULLDISC
seclists.org/fulldisclosure/2020/Nov/22mitremailing-listx_refsource_FULLDISC
www.openwall.com/lists/oss-security/2020/11/23/3mitremailing-listx_refsource_MLIST
support.apple.com/HT211845mitrex_refsource_MISC
support.apple.com/kb/HT211843mitrex_refsource_CONFIRM
support.apple.com/kb/HT211844mitrex_refsource_CONFIRM
support.apple.com/kb/HT211850mitrex_refsource_CONFIRM
support.apple.com/kb/HT211935mitrex_refsource_CONFIRM
support.apple.com/kb/HT211952mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000