webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack

A flaw was found in WebKitGTK. A maliciously crafted web page can cause a logic issue due to improper checks and result in a cross-site scripting attack...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

RHEL 9 : webkit2gtk3 (RHSA-2026:9692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9692 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

ALSA-2026:9692 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

Fedora 42 : webkitgtk (2026-36594550b0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-36594550b0 advisory. Update to 2.52.1. Notable changes from 2.50 to 2.52: Make text look like in other browsers by blending in linear color space. Improved rendering...

Fedora 43 : webkitgtk (2026-431948187d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-431948187d advisory. Update to 2.52.1. Notable changes from 2.50 to 2.52: Make text look like in other browsers by blending in linear color space. Improved rendering...

[SECURITY] Fedora 44 Update: webkitgtk-2.52.1-1.fc44

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

Fedora 44 : webkitgtk (2026-f00460a7d9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f00460a7d9 advisory. Update to 2.52.1: Reduce the amount of useless MPRIS notifications produced by MediaSesion when the information about media being played is...

NewStart CGSL MAIN 7.02 : webkitgtk Vulnerability (NS-SA-2026-0037)

The remote NewStart CGSL host, running version MAIN 7.02, has webkitgtk packages installed that are affected by a vulnerability: - An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2,...

[SECURITY] [DSA 6172-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6172-1 [email protected] https://www.debian.org/security/ Alberto Garcia March 21, 2026 https://www.debian.org/security/faq -...

CVE-2023-43010

A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4: evolution-data-server,...

TencentOS Server 4: webkitgtk (TSSA-2026:0169)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0169 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

MiracleLinux 8 : GNOME (AXSA:2022-2953:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2953:01 advisory. webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558 LibRaw: Stack buffer overflow in...

MiracleLinux 9 : webkit2gtk3-2.38.5-1.el9.3 (AXSA:2023-6241:15)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6241:15 advisory. webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-32435 webkitgtk: type confusion issue leading to arbitrary code...

MiracleLinux 8 : webkit2gtk3-2.38.5-1.el8.4.ML.1 (AXSA:2023-6191:14)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6191:14 advisory. webkitgtk: a use-after-free when processing maliciously crafted web content CVE-2023-32373 webkitgtk: an out-of-bounds read when processing maliciou...

MiracleLinux 8 : webkit2gtk3-2.38.5-1.el8.5.ML.1 (AXSA:2023-6246:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6246:16 advisory. webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-32435 webkitgtk: type confusion issue leading to arbitrary code...

MiracleLinux 9 : webkit2gtk3-2.42.5-1.el9 (AXSA:2024-8032:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8032:02 advisory. webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code...