RHEL 9 : webkit2gtk3 (RHSA-2025:14423)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14423 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: angle: insufficient input validation...

RHEL 8 : webkit2gtk3 (RHSA-2025:14486)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14486 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: angle: insufficient input validation...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved checks. This issue is fixed in Safari 18.6 and macOS Sequoia 15.6. The origin of a download may be incorrectly associated...

[SECURITY] Fedora 41 Update: webkitgtk-2.48.5-1.fc41

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

TencentOS Server 4: webkitgtk (TSSA-2025:0669)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0669 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : WebKitGTK vulnerabilities (USN-7702-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7702-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious...

USN-7702-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

USN-7702-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

Linux Distros Unpatched Vulnerability : CVE-2021-21779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a...

Linux Distros Unpatched Vulnerability : CVE-2020-13753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could...

Linux Distros Unpatched Vulnerability : CVE-2021-45482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. CVE-2021-45482 Note...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:13782)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13782 advisory. angle: insufficient input validation can cause undefined behavior CVE-2025-6558 webkitgtk: A download?s origin may be incorrectly associated CVE-2025-432...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper input validation, resulting in the disclosure of the internal states of the application...

webkitgtk: Processing maliciously crafted web content may lead to memory corruption

A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling...

webkitgtk: Processing web content may lead to a denial-of-service

A flaw was found in WebKitGTK. Processing malicious web content can cause a denial of service due to improper memory handling...

webkitgtk: A download’s origin may be incorrectly associated

A flaw was found in WebKitGTK. A malicious website can cause the origin of a download to be incorrectly associated with the wrong site due to improper checks, allowing an attacker to trick a user into downloading a malicious file...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

webkitgtk: Processing maliciously crafted web content may disclose sensitive user information

A flaw was found in WebKitGTK. Processing malicious web content can disclose sensitive user information due to improper state management...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper input validation, resulting in the disclosure of the internal states of the application...