CVE-2019-8625

🗓️ 01 Nov 2019 00:00:00Reported by ubuntu.comType

A logic issue in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, and iCloud for Windows 7.14 allows universal cross site scripting via maliciously crafted web content. Improved state management. Limited webkit support

Reporter	Title	Published	Views	Family All 123
FreeBSD	webkit2-gtk3 -- Multiple vulnerabilities	29 Oct 201900:00	–	freebsd
Tenable Nessus	Amazon Linux 2 : webkitgtk4 (ALAS-2020-1563)	11 Nov 202000:00	–	nessus
Tenable Nessus	AlmaLinux 8 : GNOME (ALSA-2020:4451)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : GNOME (CESA-2020:4451)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : webkitgtk4 (RHSA-2020:4035)	30 Nov 202000:00	–	nessus
Tenable Nessus	Debian DSA-4558-1 : webkit2gtk - security update	6 Nov 201900:00	–	nessus
Tenable Nessus	Fedora 30 : webkit2gtk3 (2019-99db7a510e)	4 Nov 201900:00	–	nessus
Tenable Nessus	FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (92243b6a-5775-4aea-8727-a938058df5ba)	1 Nov 201900:00	–	nessus
Tenable Nessus	GLSA-202003-22 : WebkitGTK+: Multiple vulnerabilities	16 Mar 202000:00	–	nessus
Tenable Nessus	MiracleLinux 7 : webkitgtk4-2.28.2-2.el7 (AXSA:2020-662:01)	20 Jan 202600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	18.04	any	webkit2gtk	2.26.1-0ubuntu0.18.04.1	webkit2gtk_2.26.1-0ubuntu0.18.04.1_any.deb
Ubuntu	19.04	any	webkit2gtk	2.26.1-0ubuntu0.19.04.3	webkit2gtk_2.26.1-0ubuntu0.19.04.3_any.deb

Source	Link
webkitgtk	www.webkitgtk.org/security/WSA-2019-0005.html
ubuntu	www.ubuntu.com/security/notices/USN-4178-1
cve	www.cve.org/CVERecord

25 Aug 2025 23:15Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

CVSS 3.16.1

EPSS0.0123