CVE
CVE-2025-43529
RHSA-2025:23700: webkit2gtk3 security update (Important)
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
Security Fix(es):
- webkitgtk: webkitgtk: Use-after-free due to improper memory management (CVE-2025-43529)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43501)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43531)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43535)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43536)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43541)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
8.8
-
3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
C
H
U
-
C
H
U
-
Related Resources
No items found.
References
https://access.redhat.com/errata/RHSA-2025:23700, https://access.redhat.com/security/cve/CVE-2025-14174, https://access.redhat.com/security/cve/CVE-2025-43501, https://access.redhat.com/security/cve/CVE-2025-43529, https://access.redhat.com/security/cve/CVE-2025-43531, https://access.redhat.com/security/cve/CVE-2025-43535, https://access.redhat.com/security/cve/CVE-2025-43536, https://access.redhat.com/security/cve/CVE-2025-43541
Basic Information
Ecosystem
