VulnerableCode Package Details - pkg:deb/debian/webkit2gtk@2.48.5-1~deb12u1

Search for packages

Package details: pkg:deb/debian/webkit2gtk@2.48.5-1~deb12u1

Essentials
History (25)

purl	pkg:deb/debian/webkit2gtk@2.48.5-1~deb12u1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (25)

Vulnerability	Summary	Aliases
VCID-2pfx-b8x4-5bbd	A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2024-44244
VCID-4pyf-eyb2-yfcq	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.	CVE-2025-24158
VCID-4t2u-54h2-2bes	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2025-24209
VCID-53eh-h9e9-n3c2	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-24223
VCID-6vtn-1pj7-s3f3	A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.	CVE-2025-24208
VCID-7hb1-augy-3yaw	A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.	CVE-2024-44309
VCID-cazs-jjwq-3uh4	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-24216
VCID-een8-44f2-ybhf	An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).	CVE-2025-24201
VCID-f1j1-6rf1-hyd7	The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2024-44192
VCID-f37y-e6dq-duc2	A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.	CVE-2025-24150
VCID-g32t-hyzv-23fh	This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2025-24162
VCID-ggp7-3m8t-zqbq	A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-31206
VCID-hcpq-m5t8-bfga	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2025-31215
VCID-k5ax-dz9v-q3f3	The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.	CVE-2024-54551
VCID-kfn2-9yvt-k7av	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.	CVE-2024-54543
VCID-khkx-343s-bfb5	The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2024-54479
VCID-ntuf-rkzm-ekam	The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2024-54502
VCID-p9x9-898h-qbfw	A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.	CVE-2024-54467
VCID-phgg-akm7-eyac	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-24264
VCID-r323-w2qc-3bdh	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.	CVE-2025-31205
VCID-ukah-bp2y-bkd6	A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.	CVE-2024-44187
VCID-un99-mchg-effd	The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.	CVE-2024-40866
VCID-xt7n-vwqs-6kf5	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-31204
VCID-y2zq-yuds-dbdd	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.	CVE-2024-54508
VCID-z43y-5b52-yuey	This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-31257

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-09-10T04:54:15.682939+00:00	Debian Oval Importer	Fixing	VCID-6vtn-1pj7-s3f3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T04:53:02.097752+00:00	Debian Oval Importer	Fixing	VCID-p9x9-898h-qbfw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T04:34:06.531020+00:00	Debian Oval Importer	Fixing	VCID-4pyf-eyb2-yfcq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T04:10:41.151741+00:00	Debian Oval Importer	Fixing	VCID-f37y-e6dq-duc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T04:09:49.349513+00:00	Debian Oval Importer	Fixing	VCID-z43y-5b52-yuey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T04:07:14.957662+00:00	Debian Oval Importer	Fixing	VCID-7hb1-augy-3yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T02:20:11.549509+00:00	Debian Oval Importer	Fixing	VCID-g32t-hyzv-23fh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T02:18:41.735335+00:00	Debian Oval Importer	Fixing	VCID-53eh-h9e9-n3c2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T02:02:00.649419+00:00	Debian Oval Importer	Fixing	VCID-ggp7-3m8t-zqbq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T01:13:16.996175+00:00	Debian Oval Importer	Fixing	VCID-ntuf-rkzm-ekam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T01:06:36.546256+00:00	Debian Oval Importer	Fixing	VCID-phgg-akm7-eyac	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T00:58:21.317177+00:00	Debian Oval Importer	Fixing	VCID-een8-44f2-ybhf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T00:32:47.610275+00:00	Debian Oval Importer	Fixing	VCID-khkx-343s-bfb5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T00:11:09.991858+00:00	Debian Oval Importer	Fixing	VCID-f1j1-6rf1-hyd7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T23:36:38.420362+00:00	Debian Oval Importer	Fixing	VCID-2pfx-b8x4-5bbd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T23:24:13.642941+00:00	Debian Oval Importer	Fixing	VCID-ukah-bp2y-bkd6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T22:47:31.750591+00:00	Debian Oval Importer	Fixing	VCID-kfn2-9yvt-k7av	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T22:46:07.668084+00:00	Debian Oval Importer	Fixing	VCID-k5ax-dz9v-q3f3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T22:25:39.866511+00:00	Debian Oval Importer	Fixing	VCID-hcpq-m5t8-bfga	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T21:32:30.877623+00:00	Debian Oval Importer	Fixing	VCID-4t2u-54h2-2bes	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T21:31:56.733218+00:00	Debian Oval Importer	Fixing	VCID-cazs-jjwq-3uh4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T21:25:01.891813+00:00	Debian Oval Importer	Fixing	VCID-xt7n-vwqs-6kf5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T21:09:23.129218+00:00	Debian Oval Importer	Fixing	VCID-un99-mchg-effd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T20:40:48.136070+00:00	Debian Oval Importer	Fixing	VCID-y2zq-yuds-dbdd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T20:21:50.931895+00:00	Debian Oval Importer	Fixing	VCID-r323-w2qc-3bdh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0