VulnerableCode Package Details - pkg:deb/debian/webkit2gtk@2.48.3-1~deb12u1

Search for packages

Package details: pkg:deb/debian/webkit2gtk@2.48.3-1~deb12u1

Essentials
History (26)

purl	pkg:deb/debian/webkit2gtk@2.48.3-1~deb12u1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (26)

Vulnerability	Summary	Aliases
VCID-2zmm-ts7g-auhs	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.	CVE-2025-43211
VCID-4t2u-54h2-2bes	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2025-24209
VCID-53eh-h9e9-n3c2	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-24223
VCID-6vtn-1pj7-s3f3	A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.	CVE-2025-24208
VCID-6zm4-vrfe-d3ee	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-31278
VCID-bqqq-jbnz-gufx	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-43212
VCID-c7j8-9stv-vybz	The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing.	CVE-2025-43228
VCID-cazs-jjwq-3uh4	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-24216
VCID-een8-44f2-ybhf	An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).	CVE-2025-24201
VCID-f1j1-6rf1-hyd7	The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2024-44192
VCID-ggp7-3m8t-zqbq	A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-31206
VCID-hcpq-m5t8-bfga	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2025-31215
VCID-heb9-9d3e-a7cn	An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app.	CVE-2025-43265
VCID-k5ax-dz9v-q3f3	The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.	CVE-2024-54551
VCID-ksgy-zrvt-13hq	A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly associated.	CVE-2025-43240
VCID-nwzv-5yc9-abdr	Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)	CVE-2025-6558
VCID-p9x9-898h-qbfw	A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.	CVE-2024-54467
VCID-pdxk-rjfx-xfct	A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-30427
VCID-phgg-akm7-eyac	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-24264
VCID-r323-w2qc-3bdh	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.	CVE-2025-31205
VCID-t3vb-qhya-6ybx	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-31273
VCID-ukfv-y47s-j3cz	This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.	CVE-2025-43227
VCID-wbu7-jgfp-6fd3	This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.	CVE-2025-24213
VCID-xt7n-vwqs-6kf5	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-31204
VCID-xwp9-yhvn-qyh7	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-43216
VCID-z43y-5b52-yuey	This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-31257

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-12T12:49:39.291914+00:00	Debian Importer	Fixing	VCID-bqqq-jbnz-gufx	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:40:25.003066+00:00	Debian Importer	Fixing	VCID-xwp9-yhvn-qyh7	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:19:56.121268+00:00	Debian Importer	Fixing	VCID-ukfv-y47s-j3cz	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:18:57.760811+00:00	Debian Importer	Fixing	VCID-c7j8-9stv-vybz	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:15:08.211513+00:00	Debian Importer	Fixing	VCID-heb9-9d3e-a7cn	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:11:06.970005+00:00	Debian Importer	Fixing	VCID-2zmm-ts7g-auhs	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:10:53.460145+00:00	Debian Importer	Fixing	VCID-t3vb-qhya-6ybx	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:10:38.404849+00:00	Debian Importer	Fixing	VCID-ksgy-zrvt-13hq	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:00:07.927892+00:00	Debian Importer	Fixing	VCID-6zm4-vrfe-d3ee	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T11:44:11.045433+00:00	Debian Importer	Fixing	VCID-nwzv-5yc9-abdr	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-01T18:55:15.571056+00:00	Debian Oval Importer	Fixing	VCID-pdxk-rjfx-xfct	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:22:12.753130+00:00	Debian Oval Importer	Fixing	VCID-wbu7-jgfp-6fd3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:42:39.784913+00:00	Debian Oval Importer	Fixing	VCID-6vtn-1pj7-s3f3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:41:39.298321+00:00	Debian Oval Importer	Fixing	VCID-p9x9-898h-qbfw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:05:18.322308+00:00	Debian Oval Importer	Fixing	VCID-z43y-5b52-yuey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:15:38.555647+00:00	Debian Oval Importer	Fixing	VCID-53eh-h9e9-n3c2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:09:19.201536+00:00	Debian Oval Importer	Fixing	VCID-ggp7-3m8t-zqbq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:34:39.938708+00:00	Debian Oval Importer	Fixing	VCID-phgg-akm7-eyac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:29:13.642864+00:00	Debian Oval Importer	Fixing	VCID-een8-44f2-ybhf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:56:06.434014+00:00	Debian Oval Importer	Fixing	VCID-f1j1-6rf1-hyd7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:58:25.778110+00:00	Debian Oval Importer	Fixing	VCID-k5ax-dz9v-q3f3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:45:08.510023+00:00	Debian Oval Importer	Fixing	VCID-hcpq-m5t8-bfga	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:06:19.728494+00:00	Debian Oval Importer	Fixing	VCID-4t2u-54h2-2bes	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:05:46.732255+00:00	Debian Oval Importer	Fixing	VCID-cazs-jjwq-3uh4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:59:46.014830+00:00	Debian Oval Importer	Fixing	VCID-xt7n-vwqs-6kf5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:18:42.283548+00:00	Debian Oval Importer	Fixing	VCID-r323-w2qc-3bdh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0