The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to trigger a service failure.

🗓️ 23 Apr 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Vulnerability in WebKitGTK and WPE WebKit causes service interruption via crafted content beyond memory buffers.

Reporter	Title	Published	Views	Family All 167
Tenable Nessus	Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2025-2869 (ALAS-2025-2869)	29 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : webkit2gtk3 (ALSA-2025:3713)	9 Apr 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : webkit2gtk3 (ALSA-2025:3974)	22 Apr 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : webkit2gtk3 (ALSA-2025:7387)	21 May 202500:00	–	nessus
Tenable Nessus	Apple iOS < 18.4 Multiple Vulnerabilities (122371)	31 Mar 202500:00	–	nessus
Tenable Nessus	Debian dla-4218 : gir1.2-javascriptcoregtk-4.0 - security update	16 Jun 202500:00	–	nessus
Tenable Nessus	Debian dsa-5899 : gir1.2-javascriptcoregtk-4.0 - security update	10 Apr 202500:00	–	nessus
Tenable Nessus	Fedora 41 : webkitgtk (2025-059585d039)	8 Apr 202500:00	–	nessus
Tenable Nessus	Fedora 40 : webkitgtk (2025-256a86d7c8)	19 Apr 202500:00	–	nessus
Tenable Nessus	Fedora 42 : webkitgtk (2025-5427adc3f4)	3 Jul 202500:00	–	nessus

Vulners

Node

apple safariRange<18.4

OR

red_hat red_hat_enterprise_linuxMatch7

OR

red_hat red_hat_enterprise_linuxMatch8

OR

novell suse_linux_enterprise_serverMatch12-ltss

OR

novell suse_linux_enterprise_server_for_sap_applicationsMatch15

OR

novell suse_linux_enterprise_serverMatch15-ltss

OR

novell suse_linux_enterprise_server_for_sap_applicationsMatch12

OR

novell suse_linux_enterprise_desktopMatch12

OR

novell opensuse_leapMatch15.3

OR

novell suse_linux_enterprise_serverMatch12

OR

novell suse_linux_enterprise_serverMatch15

OR

red_hat red_hat_enterprise_linuxMatch9

OR

novell suse_linux_enterprise_desktopMatch15

OR

novell suse_liberty_linuxMatch9

OR

fedora fedoraMatch41

OR

novell opensuse_leapMatch15.6

OR

apple visionosRange<2.4

OR

fedora fedoraMatch42

Source	Link
webkitgtk	www.webkitgtk.org/security/WSA-2025-0003.html
support	www.support.apple.com/en-us/122371
support	www.support.apple.com/en-us/122372
support	www.support.apple.com/en-us/122373
support	www.support.apple.com/en-us/122377
support	www.support.apple.com/en-us/122378
support	www.support.apple.com/en-us/122379
access	www.access.redhat.com/security/cve/cve-2025-24216
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-24216
suse	www.suse.com/security/cve/CVE-2025-24216.html

29 Oct 2025 00:00Current

7High risk

Vulners AI Score7

CVSS 34.3

CVSS 25

EPSS0.00143

web page rendering memory buffers crafted content service interruption buffer boundaries webkitgtk wpe webkit