VulnerableCode Package Details - pkg:deb/debian/wpewebkit@2.48.5-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2zmm-ts7g-auhs	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.	CVE-2025-43211
VCID-6zm4-vrfe-d3ee	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-31278
VCID-bqqq-jbnz-gufx	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-43212
VCID-c7j8-9stv-vybz	The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing.	CVE-2025-43228
VCID-heb9-9d3e-a7cn	An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app.	CVE-2025-43265
VCID-ksgy-zrvt-13hq	A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly associated.	CVE-2025-43240
VCID-nwzv-5yc9-abdr	Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)	CVE-2025-6558
VCID-t3vb-qhya-6ybx	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to memory corruption.	CVE-2025-31273
VCID-ukfv-y47s-j3cz	This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.	CVE-2025-43227
VCID-xwp9-yhvn-qyh7	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.	CVE-2025-43216

Vulnerability

Summary

Aliases

VCID-2zmm-ts7g-auhs

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.

CVE-2025-43211

VCID-6zm4-vrfe-d3ee

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.

CVE-2025-31278

VCID-bqqq-jbnz-gufx

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.

CVE-2025-43212

VCID-c7j8-9stv-vybz

The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing.

CVE-2025-43228

VCID-heb9-9d3e-a7cn

An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app.

CVE-2025-43265

VCID-ksgy-zrvt-13hq

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly associated.

CVE-2025-43240

VCID-nwzv-5yc9-abdr

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CVE-2025-6558

VCID-t3vb-qhya-6ybx

CVE-2025-31273

VCID-ukfv-y47s-j3cz

This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.

CVE-2025-43227

VCID-xwp9-yhvn-qyh7

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.

CVE-2025-43216

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-12T12:40:54.152758+00:00	Debian Importer	Fixing	VCID-bqqq-jbnz-gufx	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:26:19.379807+00:00	Debian Importer	Fixing	VCID-ksgy-zrvt-13hq	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:24:06.088164+00:00	Debian Importer	Fixing	VCID-6zm4-vrfe-d3ee	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:21:32.884392+00:00	Debian Importer	Fixing	VCID-xwp9-yhvn-qyh7	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:19:27.867910+00:00	Debian Importer	Fixing	VCID-c7j8-9stv-vybz	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T12:10:21.476974+00:00	Debian Importer	Fixing	VCID-nwzv-5yc9-abdr	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T11:58:15.723820+00:00	Debian Importer	Fixing	VCID-ukfv-y47s-j3cz	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T11:27:19.593193+00:00	Debian Importer	Fixing	VCID-2zmm-ts7g-auhs	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T11:26:59.845281+00:00	Debian Importer	Fixing	VCID-t3vb-qhya-6ybx	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-12T11:25:43.527237+00:00	Debian Importer	Fixing	VCID-heb9-9d3e-a7cn	https://security-tracker.debian.org/tracker/data/json	37.0.0