{"id":"CVE-2020-13543","details":"A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.","modified":"2026-03-14T09:58:42.554502Z","published":"2020-12-03T17:15:12.083Z","related":["ALSA-2021:1586","MGASA-2020-0441","SUSE-SU-2020:3864-1","SUSE-SU-2020:3867-1","SUSE-SU-2021:1990-1","openSUSE-SU-2020:2304-1","openSUSE-SU-2020:2310-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202012-10"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"type":"EVIDENCE","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1155"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13543.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.30.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}