VulnerableCode Package Details - pkg:deb/debian/webkit2gtk@2.48.1-2~deb12u1

Search for packages

Package details: pkg:deb/debian/webkit2gtk@2.48.1-2~deb12u1

Essentials
History (43)

purl	pkg:deb/debian/webkit2gtk@2.48.1-2~deb12u1
Tags	Ghost

Next non-vulnerable version	2.48.5-1~deb12u1
Latest non-vulnerable version	2.48.5-1
Risk	10.0

Vulnerabilities affecting this package (26)

Vulnerability	Summary	Fixed by
VCID-2zmm-ts7g-auhs Aliases: CVE-2025-43211	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-4t2u-54h2-2bes Aliases: CVE-2025-24209	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-53eh-h9e9-n3c2 Aliases: CVE-2025-24223	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-6vtn-1pj7-s3f3 Aliases: CVE-2025-24208	A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-6zm4-vrfe-d3ee Aliases: CVE-2025-31278	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-bqqq-jbnz-gufx Aliases: CVE-2025-43212	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-c7j8-9stv-vybz Aliases: CVE-2025-43228	The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-cazs-jjwq-3uh4 Aliases: CVE-2025-24216	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-een8-44f2-ybhf Aliases: CVE-2025-24201	An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-f1j1-6rf1-hyd7 Aliases: CVE-2024-44192	The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-ggp7-3m8t-zqbq Aliases: CVE-2025-31206	A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-hcpq-m5t8-bfga Aliases: CVE-2025-31215	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-heb9-9d3e-a7cn Aliases: CVE-2025-43265	An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-k5ax-dz9v-q3f3 Aliases: CVE-2024-54551	The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-ksgy-zrvt-13hq Aliases: CVE-2025-43240	A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly associated.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-nwzv-5yc9-abdr Aliases: CVE-2025-6558	Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-p9x9-898h-qbfw Aliases: CVE-2024-54467	A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-pdxk-rjfx-xfct Aliases: CVE-2025-30427	A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-phgg-akm7-eyac Aliases: CVE-2025-24264	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-r323-w2qc-3bdh Aliases: CVE-2025-31205	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-t3vb-qhya-6ybx Aliases: CVE-2025-31273	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to memory corruption.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-ukfv-y47s-j3cz Aliases: CVE-2025-43227	This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-wbu7-jgfp-6fd3 Aliases: CVE-2025-24213	This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-xt7n-vwqs-6kf5 Aliases: CVE-2025-31204	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-xwp9-yhvn-qyh7 Aliases: CVE-2025-43216	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1 Affected by 0 other vulnerabilities.
VCID-z43y-5b52-yuey Aliases: CVE-2025-31257	This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.	2.48.3-1~deb12u1 Affected by 0 other vulnerabilities. 2.48.5-1~deb12u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-12T12:49:39.287138+00:00	Debian Importer	Affected by	VCID-bqqq-jbnz-gufx	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:40:25.001312+00:00	Debian Importer	Affected by	VCID-xwp9-yhvn-qyh7	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:19:56.116201+00:00	Debian Importer	Affected by	VCID-ukfv-y47s-j3cz	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:18:57.756097+00:00	Debian Importer	Affected by	VCID-c7j8-9stv-vybz	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:15:08.206603+00:00	Debian Importer	Affected by	VCID-heb9-9d3e-a7cn	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:11:06.965318+00:00	Debian Importer	Affected by	VCID-2zmm-ts7g-auhs	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:10:53.454976+00:00	Debian Importer	Affected by	VCID-t3vb-qhya-6ybx	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:10:38.399906+00:00	Debian Importer	Affected by	VCID-ksgy-zrvt-13hq	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:00:07.922981+00:00	Debian Importer	Affected by	VCID-6zm4-vrfe-d3ee	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T11:44:11.040813+00:00	Debian Importer	Affected by	VCID-nwzv-5yc9-abdr	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-05T19:47:48.844567+00:00	Debian Oval Importer	Fixing	VCID-b4af-ehyw-3kcp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T20:07:45.138584+00:00	Debian Oval Importer	Fixing	VCID-kvdf-hbzd-5fat	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:59:56.909933+00:00	Debian Oval Importer	Fixing	VCID-gj97-4uhm-aydw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:55:15.566039+00:00	Debian Oval Importer	Affected by	VCID-pdxk-rjfx-xfct	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:39:29.957404+00:00	Debian Oval Importer	Fixing	VCID-pr7k-su8x-73a9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:22:12.748125+00:00	Debian Oval Importer	Affected by	VCID-wbu7-jgfp-6fd3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:14:06.246194+00:00	Debian Oval Importer	Fixing	VCID-9qdk-3u7x-zbg6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:53:31.984579+00:00	Debian Oval Importer	Fixing	VCID-xx48-ju7v-4ydx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:42:39.780143+00:00	Debian Oval Importer	Affected by	VCID-6vtn-1pj7-s3f3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:41:39.293738+00:00	Debian Oval Importer	Affected by	VCID-p9x9-898h-qbfw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:24:51.683580+00:00	Debian Oval Importer	Fixing	VCID-4pyf-eyb2-yfcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:05:43.462678+00:00	Debian Oval Importer	Fixing	VCID-f37y-e6dq-duc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:05:18.317598+00:00	Debian Oval Importer	Affected by	VCID-z43y-5b52-yuey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:03:42.023209+00:00	Debian Oval Importer	Fixing	VCID-7hb1-augy-3yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:16:22.649884+00:00	Debian Oval Importer	Fixing	VCID-g32t-hyzv-23fh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:15:38.550914+00:00	Debian Oval Importer	Affected by	VCID-53eh-h9e9-n3c2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:09:19.196707+00:00	Debian Oval Importer	Affected by	VCID-ggp7-3m8t-zqbq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:38:52.198872+00:00	Debian Oval Importer	Fixing	VCID-ntuf-rkzm-ekam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:34:39.934200+00:00	Debian Oval Importer	Affected by	VCID-phgg-akm7-eyac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:29:13.638176+00:00	Debian Oval Importer	Affected by	VCID-een8-44f2-ybhf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:12:20.040729+00:00	Debian Oval Importer	Fixing	VCID-khkx-343s-bfb5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:56:06.429530+00:00	Debian Oval Importer	Affected by	VCID-f1j1-6rf1-hyd7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:31:37.767725+00:00	Debian Oval Importer	Fixing	VCID-2pfx-b8x4-5bbd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:23:47.395299+00:00	Debian Oval Importer	Fixing	VCID-ukah-bp2y-bkd6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:59:20.169034+00:00	Debian Oval Importer	Fixing	VCID-kfn2-9yvt-k7av	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:58:25.773626+00:00	Debian Oval Importer	Affected by	VCID-k5ax-dz9v-q3f3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:45:08.505224+00:00	Debian Oval Importer	Affected by	VCID-hcpq-m5t8-bfga	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:06:19.723399+00:00	Debian Oval Importer	Affected by	VCID-4t2u-54h2-2bes	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:05:46.727462+00:00	Debian Oval Importer	Affected by	VCID-cazs-jjwq-3uh4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:59:46.012170+00:00	Debian Oval Importer	Affected by	VCID-xt7n-vwqs-6kf5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:48:40.222052+00:00	Debian Oval Importer	Fixing	VCID-un99-mchg-effd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:31:14.669747+00:00	Debian Oval Importer	Fixing	VCID-y2zq-yuds-dbdd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:18:42.277649+00:00	Debian Oval Importer	Affected by	VCID-r323-w2qc-3bdh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0