Cyber Resilience

CVE-2019-8720

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 06 March 2023
Modified: 18 November 2025
KEV Added: 23 May 2022
Patch
CVSS Score (v3.1): 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0412 (88.9th percentile)
Risk Priority: 40 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2019-8720 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Red Hat Enterprise Linux EUS. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 11.1% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

The vulnerability identified as CVE-2019-8720 exists in WebKit and stems from multiple memory corruption issues classified under CWE-119. The flaw is triggered while processing maliciously crafted web content; the vendor description states that it was resolved through improved memory handling. Affected software includes WebKitGTK, as referenced in the associated security advisories.

An attacker can exploit the issue by serving malicious web content to a victim. No special privileges are required, but user interaction (such as visiting a crafted page) is. Successful exploitation may result in arbitrary code execution; the CVSS 8.8 score reflects high impact on confidentiality, integrity, and availability over a network vector.

WebKitGTK security advisory WSA-2019-0005 and the related Red Hat bug reports describe the resolution: updated memory handling in patched versions. The vulnerability appears in the CISA Known Exploited Vulnerabilities catalog, confirming observed real-world exploitation and warranting prioritized patching of affected WebKit-based components.

EU & UK References

Vulnerability details

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.

CWE(s): CWE-119
KEV Date Added: 23 May 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor | Product | Affected versions
webkitgtk | webkitgtk | ≤ 2.26.0
wpewebkit | wpe webkit | ≤ 2.26.0
redhat | codeready linux builder | 8.0
redhat | codeready linux builder eus | 8.4, 8.6
redhat | codeready linux builder for arm64 eus | 8.0, 8.4, 8.6
redhat | codeready linux builder for ibm z systems eus | 8.0, 8.4, 8.6
redhat | codeready linux builder for power little endian eus | 8.0, 8.4, 8.6
redhat | enterprise linux | 8.0
redhat | enterprise linux desktop | 7.0
redhat | enterprise linux eus | 8.4, 8.6

+13 more product configuration(s); see NVD for the full list.

Mitigating Controls (NIST 800-53 r5)

SI-16 Memory Protection (prevent)

Directly implements memory protection mechanisms that address the multiple memory corruption issues (CWE-119) enabling arbitrary code execution in WebKit.

SI-2 Flaw Remediation (prevent)

Requires timely application of patches that improve memory handling, directly remediating the known exploited vulnerability in WebKitGTK and similar components.

Malicious code protection (prevent, detect)

Provides malicious code detection and blocking capabilities that can intercept crafted web content before it triggers the WebKit memory corruption flaw.

References