CVE
CVE-2025-31223
RHSA-2025:17802: webkit2gtk3 security update (Important)
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
Security Fix(es):
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43272)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43342)
- webkitgtk: A website may be able to access sensor information without user consent (CVE-2025-43356)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43368)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
8
-
3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
C
H
U
-
C
H
U
-
Related Resources
No items found.
References
https://access.redhat.com/errata/RHSA-2025:17802, https://access.redhat.com/security/cve/CVE-2025-31223, https://access.redhat.com/security/cve/CVE-2025-31277, https://access.redhat.com/security/cve/CVE-2025-43272, https://access.redhat.com/security/cve/CVE-2025-43342, https://access.redhat.com/security/cve/CVE-2025-43356, https://access.redhat.com/security/cve/CVE-2025-43368, https://access.redhat.com/security/cve/CVE-2025-43419
Basic Information
Ecosystem
