INFSA-2025:7995: webkit2gtk3 security update
Information about definition
Identificator: INFSA-2025:7995
Type: security
Release date: 2025-06-10 09:21:34 UTC
Information about package
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
Vulnerabilities description
- CVE-2025-31205
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.
- CVE-2025-31257
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-31205
|
no information | 6.5 | no information |
|
NIST — CVE-2025-31257
|
no information | 8.8 | no information |
Updated packages