Browse all 3 CVE security advisories affecting UCWeb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ucweb develops mobile browsers and internet services, primarily serving users in emerging markets. Historically, its products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper privilege handling. The company has addressed multiple security flaws, with three CVEs currently documented. While no major public security incidents have been widely reported, the consistent presence of vulnerabilities in its software underscores the importance of regular security updates and user vigilance when using its applications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-20041 | Ucweb UC Browser HTML URL improper restriction of rendered ui layers — UC BrowserCWE-1021 | 5.4 | Medium | 2022-06-13 |
| CVE-2020-7364 | UCWeb UC Browser Address Bar Spooofing — UC BrowserCWE-451 | 4.3 | Medium | 2020-10-20 |
| CVE-2020-7363 | UCWeb UC Browser Address Bar Spooofing — UC BrowserCWE-451 | 4.3 | Medium | 2020-10-20 |
This page lists every published CVE security advisory associated with UCWeb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.