CVE

CVE-2025-43531

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (important)

CVE

CVE-2025-43531

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (important)

DOCUMENTATION: A flaw was found in WebKitGTK. Processing malicious web content can cause a race condition due to improper state handling and result in an unexpected process crash.

STATEMENT: To exploit this issue, an attacker needs to trick a user into processing or loading malicious web content. Due to this reason, this flaw has been rated with an important severity.

Additionally, this issue can cause an unexpected process crash but the possibility of remote code execution is not discarded.

MITIGATION: Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

3.1

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Related Resources

No items found.

References

https://access.redhat.com/security/cve/CVE-2025-43531

Severity

0

CVSS Score

Basic Information

Ecosystem

Base CVSS

EPSS Probability

0.00097%

EPSS Percentile

0.27429%

Introduced Version

Fix Available

0:2.50.4-1.el8_10,0:2.50.4-1.el9_7,2.50.4-1~deb12u1,2.50.4-1~deb11u1,2.50.4-1~deb13u1,0:2.50.4-1.amzn2

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2025-43531

CVE-2025-43531

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

0

Basic Information

Fix Critical Vulnerabilities Instantly