CVE-2020-9947: Use After Free
A flaw was found in WebKitGTK.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A use after free issue was addressed with improved memory management.
Reference: https://webkitgtk.org/security/WSA-2021-0002.html
Other sources
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
— MITRE
WebKit. A use after free issue was addressed with improved memory management.
WebKit. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-9949
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-9999
- CVE-2020-27937
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-29629
- CVE-2020-27942
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-29639
- CVE-2020-10002
- CVE-2020-9978
- CVE-2020-9955
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-9876
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27904
- CVE-2019-14899
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-9971
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-9941
- CVE-2020-9988
- CVE-2020-9989
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-9996
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-9963
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9977
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-9969
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-9991
- CVE-2020-9849
- CVE-2020-15358
- CVE-2020-13631
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-13630
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2020-9979
- CVE-2020-9954
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9968
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-10013
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9948
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9959
Frequently Asked Questions
What is CVE-2020-9947?
CVE-2020-9947 is a vulnerability in WebKit that allows arbitrary code execution through a use after free issue.
Which software versions are affected by CVE-2020-9947?
CVE-2020-9947 affects Apple tvOS up to version 14.0, Apple macOS Big Sur up to version 11.0.1, Apple Safari up to version 14.0, Apple iOS up to version 14.0, Apple iPadOS up to version 14.0, Apple watchOS up to version 7.0, Apple iTunes for Windows up to version 12.10.9, and Apple iCloud for Windows up to version 11.5.
How can I fix CVE-2020-9947?
To fix CVE-2020-9947, you should update your software to the latest version provided by Apple.
What is the severity of CVE-2020-9947?
The severity of CVE-2020-9947 is not specified in the vulnerability report, but it allows arbitrary code execution.
Where can I find more information about CVE-2020-9947?
You can find more information about CVE-2020-9947 on the Apple Support website using the following links: [link1], [link2], [link3].