webkitgtk: memory corruption issue leading to arbitrary code execution

A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...

webkitgtk: A malicious website may exfiltrate data cross-origin

A flaw was found in WebKitGTK. A malicious website may exfiltrate data cross-origin due to a cookie management issue related to improper state management...

webkitgtk: Use-after-free leading to arbitrary code execution

A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution...

webkitgtk: A malicious website may cause unexpected cross-origin behavior

A flaw was found in WebKit. This flaw allows a remote attacker to trigger unexpected cross-origin behavior via a malicious website...

RHEL 7 : webkitgtk4 (RHSA-2025:10364)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10364 advisory. WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. Security...

Fedora 42 : webkitgtk (2025-5427adc3f4)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5427adc3f4 advisory. Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and renderin...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:7995)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7995 advisory. webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2025-31205 webkitgtk: Processing maliciously crafted web content may lead to an...

TencentOS Server 3: webkit2gtk3 (TSSA-2023:0080)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0080 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: webkit2gtk3 (TSSA-2022:0162)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0162 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Debian dla-4218 : gir1.2-javascriptcoregtk-4.0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4218 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4218-1 [email protected]...

TencentOS Server 4: webkitgtk (TSSA-2024:0534)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0534 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : WebKitGTK vulnerabilities (USN-7566-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7566-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a...

USN-7566-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

USN-7566-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

[SECURITY] [DSA 5937-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5937-1 [email protected] https://www.debian.org/security/ Alberto Garcia June 06, 2025 https://www.debian.org/security/faq -...

webkitgtk: A malicious website may exfiltrate data cross-origin

A flaw was found in WebKitGTK. A malicious website may steal data cross-origin due to improper security checks within the web browser or rendering engine, leading to unauthorized disclosure of information...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory handling and result in an unexpected crash...

RHEL 9 : webkit2gtk3 (RHSA-2025:8600)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8600 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: A malicious website may...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory handling and result in an unexpected crash...