CVE-2021-21806 log

Source
Severity Medium
Remote Yes
Type Arbitrary code execution
Description
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.6. An exploitable use-after-free vulnerability exists in WebKit. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
Group Package Affected Fixed Severity Status Ticket
AVG-2215 wpewebkit 2.30.5-1 2.30.6-1 Medium Fixed
AVG-2214 webkit2gtk 2.30.5-1 2.30.6-1 Medium Fixed
References
https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-21806
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1214