webkitgtk: A website may exfiltrate image data cross-origin

A flaw was found in WebKitGTK. A malicious website may exfiltrate image data cross-origin due to improper handling of caches...

webkitgtk: A website may exfiltrate image data cross-origin

A flaw was found in WebKitGTK. A malicious website may exfiltrate image data cross-origin due to improper handling of caches...

RHEL 9 : webkit2gtk3 (RHSA-2025:23451)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23451 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit:...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.3. Security issues fixed: CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow bsc1254208...

RLSA-2025:22789 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...

CVE-2025-43392

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. A website may exfiltrate image data cross-origin...

UBUNTU-CVE-2025-43392

The issue was addressed with improved handling of caches. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A website may exfiltrate image data cross-origin...

CVE-2025-43392

CVE-2025-43392 is a cross-origin image data exfiltration vulnerability in WebKitGTK/WebKitGTK-based components. Connected advisories confirm the issue affects webkitgtk4 and related WebKitGTK/WPE WebKit deployments, with fixes in downstream package updates. The vulnerability description states th...

PT-2025-44839

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.2 iPadOS versions prior to 18.7.2 Description A website may be able to exfiltrate image data cross-origin due to improper handling of caches. Recommendations Update to iOS version 18.7.2. Update to iPadOS version...

APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses the following: Safari Application Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and O...