{
  "threat_severity" : "Moderate",
  "public_date" : "2019-11-08T00:00:00Z",
  "bugzilla" : {
    "description" : "webkitgtk: Multiple memory corruption issues leading to arbitrary code execution",
    "id" : "1876543",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1876543"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "details" : [ "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-09-29T00:00:00Z",
    "advisory" : "RHSA-2020:4035",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "webkitgtk4-0:2.28.2-2.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-04T00:00:00Z",
    "advisory" : "RHSA-2020:4451",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "webkit2gtk3-0:2.28.4-1.el8"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "webkitgtk",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "webkitgtk3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-8766\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-8766\nhttps://webkitgtk.org/security/WSA-2019-0006.html" ],
  "name" : "CVE-2019-8766",
  "csaw" : false
}