CVE-2021-21775

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
07/07/2021
Last modified:
07/11/2023

Description

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:webkitgtk:webkitgtk:2.30.4:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*