13 matches found
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
SUSE-SU-2026:1139-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0: - CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption (bsc#1259950). - CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption (bsc#1259949). -...
Improper Handling of Length Parameter Inconsistency
Overview: ecdsa is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python, released under the MIT license. Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency due to improper...
MiracleLinux 9 : webkit2gtk3-2.50.3-1.el9_7 (AXSA:2025-11554:21)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11554:21 advisory. webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS (CVE-2025-13502) webkitgtk: Processing...
RockyLinux 8 : webkit2gtk3 (RLSA-2025:22789)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22789 advisory. webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS (CVE-2025-13502) webkitgtk: Processing maliciously...
CVE-2025-43435
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
RHEL 9 : webkit2gtk3 (RHSA-2025:7995)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7995 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: A malicious website may...
[SECURITY] [DSA 5899-1] webkit2gtk security update
Debian Security Advisory DSA-5899-1 [email protected] https://www.debian.org/security/ Alberto Garcia April 10, 2025 https://www.debian.org/security/faq -...
RHEL 9 : webkit2gtk3 (RHSA-2025:3713)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3713 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...
SUSE-SU-2025:0639-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.46.6 (bsc#1236946): - CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the user. - CVE-2025-24150: Copying a URL from Web Inspector may lead to command injection. - CVE-2025-24158: Processing web...
Potentially Undefined Behavior
firefox is vulnerable to potentially undefined behavior. The vulnerability is due to bypassing move semantics, leading to undefined behavior, which attackers can exploit to cause unexpected crashes or execute arbitrary code...
Apple iOS 5.1.1 Safari Browser - 'JS match()' / 'search()' Crash (PoC)
!/usr/bin/env ruby - Title iOS \n\ Crash PoC\n\ \n\ var s = "poc";\n\ s.match"chrbufferlen";\n\ \n\ "; def help puts "iOS = v5.1.1 Safari Browser JS match, search Crash PoC" puts "$0 -p bindport -h bindaddress --verbose" end Parsing options opts = optparser = OptionParser.new do |op| op.on"-h",...