{"id":"CVE-2020-13584","details":"An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.","modified":"2026-03-14T10:07:40.425288Z","published":"2020-12-03T17:15:12.147Z","related":["ALSA-2021:1586","MGASA-2020-0441","SUSE-SU-2020:3864-1","SUSE-SU-2020:3867-1","SUSE-SU-2021:1990-1","openSUSE-SU-2020:2304-1","openSUSE-SU-2020:2310-1","openSUSE-SU-2024:11506-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY2OBQZFMEFZOSWXPXHPEHOJXXILEEX2/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202012-10"},{"type":"EVIDENCE","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1195"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13584.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.30.1"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}