{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-8720","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","dateUpdated":"2025-10-21T23:15:24.508Z","dateReserved":"2019-02-18T00:00:00.000Z","datePublished":"2023-03-06T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2023-03-06T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues."}],"affected":[{"vendor":"n/a","product":"webkitgtk","versions":[{"version":"Fixed in webkitgtk 2.26.0","status":"affected"}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1876611"},{"url":"https://webkitgtk.org/security/WSA-2019-0005.html"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119","cweId":"CWE-119"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T21:24:29.610Z"},"title":"CVE Program Container","references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1876611","tags":["x_transferred"]},{"url":"https://webkitgtk.org/security/WSA-2019-0005.html","tags":["x_transferred"]}]},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.8,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2019-8720","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-01-28T21:22:50.417013Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2022-05-23","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-8720"}}}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-8720","tags":["government-resource"]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-119","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}],"timeline":[{"time":"2022-05-23T00:00:00.000Z","lang":"en","value":"CVE-2019-8720 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-21T23:15:24.508Z"}}]}}