CVE-2023-39928

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 6, 2023

Updated: Jan 31, 2024

CWE ID 416

Summary

CVE-2023-39928 is a use-after-free vulnerability discovered in the MediaRecorder API of Webkit WebKitGTK 2.40.5. Maliciously crafted web pages can exploit this issue to cause memory corruption, potentially leading to arbitrary code execution. The vulnerability is triggered when a user visits a malicious webpage. Users are advised to update their Webkit GTK installation as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Debian
Fedora Operating System
Webkitgtk

Affected Vendors

Debian
Fedora Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sV8Be5
https://www.cve.org/CVERecord?id=CVE-2023-39928
https://nvd.nist.gov/vuln/detail/CVE-2023-39928

Back to Vulnerability Database