The following vulnerability has been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-3885 Ryan Pickren discovered that a file URL may be incorrectly processed. CVE-2020-3894 Sergei Glazunov discovered that a race condition may allow an application to read restricted memory. CVE-2020-3895 grigoritchy discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-3897 Brendan Draper discovered that a remote attacker may be able to cause arbitrary code execution. CVE-2020-3899 OSS-Fuzz discovered that A remote attacker may be able to cause arbitrary code execution. CVE-2020-3900 Dongzhuo Zhao discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-3901 Benjamin Randazzo discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-3902 Yigit Can Yilmaz discovered that processing maliciously crafted web content may lead to a cross site scripting attack.