{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "Update to 2.48.5. The following CVEs were fixed:\n- CVE-2025-6558: fix processing maliciously crafted web content which may\n lead to an unexpected Safari crash\n- CVE-2025-31273: fix processing maliciously crafted web content which may\n lead to memory corruption\n- CVE-2025-31278: fix processing maliciously crafted web content which may\n lead to memory corruption\n- CVE-2025-43212: fix processing maliciously crafted web content which may\n lead to an unexpected Safari crash\n- CVE-2025-43216: fix processing maliciously crafted web content which may\n lead to an unexpected Safari crash\n- CVE-2025-43228: fix issue with visiting a malicious website which may lead\n to address bar spoofing\n- CVE-2025-24189: fix processing maliciously crafted web content which may\n lead to memory corruption\n- CVE-2025-31205: fix issue with a malicious website which may exfiltrate\n data cross-origin\n- CVE-2025-24208: fix loading a malicious iframe which may lead to a cross-site\n scripting attack\n- CVE-2024-54551: fix processing web content which may lead to a denial-of-service\n- CVE-2024-44192: fix processing maliciously crafted web content which may\n lead to an unexpected process crash\n- CVE-2024-54467: fix issue with a malicious website which may exfiltrate\n data cross-origin\n- CVE-2025-24162: fix processing maliciously crafted web content which may\n lead to an unexpected process crash\n- CVE-2024-54502: fix processing maliciously crafted web content which may\n lead to an unexpected process crash\n- CVE-2024-44244: fix processing maliciously crafted web content which may\n lead to an unexpected process crash\n- CVE-2024-44185: fix processing maliciously crafted web content which may\n lead to an unexpected process crash\n- CVE-2024-44187: fix issue wit a malicious website may exfiltrate data\n cross-origin\n- CVE-2024-40866: fix issue with visiting a malicious website which may lead\n to address bar spoofing", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/almalinux9.2esu/advisories/2025/clsa-2025_1756751564.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" } ], "tracking": { "current_release_date": "2026-04-30T01:14:49Z", "generator": { "date": "2026-04-30T01:14:49Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2025:1756751564", "initial_release_date": "2025-09-01T18:32:46Z", "revision_history": [ { "date": "2025-09-01T18:32:46Z", "number": "1", "summary": "Initial version" }, { "date": "2025-09-15T07:51:39Z", "number": "2", "summary": "Official Publication" }, { "date": "2026-02-16T09:36:08Z", "number": "3", "summary": "Update document" }, { "date": "2026-04-29T15:23:04Z", "number": "4", "summary": "Update document" }, { "date": "2026-04-30T01:14:49Z", "number": "5", "summary": "Update document" } ], "status": "final", "version": "5" }, "title": "webkit2gtk3: Fix of 18 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "AlmaLinux 9.2", "product": { "name": "AlmaLinux 9.2", "product_id": "AlmaLinux-9.2", "product_identification_helper": { "cpe": "cpe:2.3:o:almalinux:almalinux:9.2:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "AlmaLinux" } ], "category": "vendor", "name": "AlmaLinux OS Foundation" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.48.5-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.48.5-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.48.5-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.48.5-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_id": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.44.4-1.el9.tuxcare.els10?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_id": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.44.4-1.el9.tuxcare.els10?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_id": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.44.4-1.el9.tuxcare.els10?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.44.4-1.el9.tuxcare.els10?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_id": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.44.4-1.el9.tuxcare.els9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.44.4-1.el9.tuxcare.els9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_id": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.44.4-1.el9.tuxcare.els9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_id": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.44.4-1.el9.tuxcare.els9?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.44.4-1.el9.tuxcare.els5?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_id": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.44.4-1.el9.tuxcare.els5?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_id": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.44.4-1.el9.tuxcare.els5?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_id": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.44.4-1.el9.tuxcare.els5?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.44.4-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.44.4-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.44.4-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.44.4-1.el9.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.38.5-1.el9.3.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.38.5-1.el9.3.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.38.5-1.el9.3.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product": { "name": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_id": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.38.5-1.el9.3.tuxcare.els1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product": { "name": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_id": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3@2.38.5-1.el9.3.tuxcare.els1?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product": { "name": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_id": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc@2.38.5-1.el9.3.tuxcare.els1?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product": { "name": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_id": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-jsc-devel@2.38.5-1.el9.3.tuxcare.els1?arch=i686" } } }, { "category": "product_version", "name": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product": { "name": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_id": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/webkit2gtk3-devel@2.38.5-1.el9.3.tuxcare.els1?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64" }, "product_reference": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64" }, "product_reference": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64" }, "product_reference": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686" }, "product_reference": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686" }, "product_reference": "webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686" }, "product_reference": "webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64" }, "product_reference": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "relates_to_product_reference": "AlmaLinux-9.2" }, { "category": "default_component_of", "full_product_name": { "name": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686 as a component of AlmaLinux 9.2", "product_id": "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686" }, "product_reference": "webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "relates_to_product_reference": "AlmaLinux-9.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-44187", "cwe": { "id": "CWE-346", "name": "Origin Validation Error" }, "notes": [ { "category": "description", "text": "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-44187" }, { "category": "external", "summary": "https://support.apple.com/en-us/121238", "url": "https://support.apple.com/en-us/121238" }, { "category": "external", "summary": "https://support.apple.com/en-us/121240", "url": "https://support.apple.com/en-us/121240" }, { "category": "external", "summary": "https://support.apple.com/en-us/121241", "url": "https://support.apple.com/en-us/121241" }, { "category": "external", "summary": "https://support.apple.com/en-us/121248", "url": "https://support.apple.com/en-us/121248" }, { "category": "external", "summary": "https://support.apple.com/en-us/121249", "url": "https://support.apple.com/en-us/121249" }, { "category": "external", "summary": "https://support.apple.com/en-us/121250", "url": "https://support.apple.com/en-us/121250" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Sep/32", "url": "http://seclists.org/fulldisclosure/2024/Sep/32" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Sep/33", "url": "http://seclists.org/fulldisclosure/2024/Sep/33" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Sep/36", "url": "http://seclists.org/fulldisclosure/2024/Sep/36" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Sep/37", "url": "http://seclists.org/fulldisclosure/2024/Sep/37" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html", "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html" } ], "release_date": "2024-09-17T00:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2024-54551", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The issue was addressed with improved memory handling. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing web content may lead to a denial-of-service.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-54551" } ], "release_date": "2025-04-07T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2024-44244", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may lead to an unexpected process crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-44244" }, { "category": "external", "summary": "https://support.apple.com/en-us/121563", "url": "https://support.apple.com/en-us/121563" }, { "category": "external", "summary": "https://support.apple.com/en-us/121564", "url": "https://support.apple.com/en-us/121564" }, { "category": "external", "summary": "https://support.apple.com/en-us/121565", "url": "https://support.apple.com/en-us/121565" }, { "category": "external", "summary": "https://support.apple.com/en-us/121566", "url": "https://support.apple.com/en-us/121566" }, { "category": "external", "summary": "https://support.apple.com/en-us/121569", "url": "https://support.apple.com/en-us/121569" }, { "category": "external", "summary": "https://support.apple.com/en-us/121571", "url": "https://support.apple.com/en-us/121571" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Oct/11", "url": "http://seclists.org/fulldisclosure/2024/Oct/11" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Oct/15", "url": "http://seclists.org/fulldisclosure/2024/Oct/15" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Oct/19", "url": "http://seclists.org/fulldisclosure/2024/Oct/19" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Oct/9", "url": "http://seclists.org/fulldisclosure/2024/Oct/9" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html", "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html" } ], "release_date": "2024-10-28T21:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-31205", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "description", "text": "The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A malicious website may exfiltrate data cross-origin.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-31205" } ], "release_date": "2025-05-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-31273", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-31273" } ], "release_date": "2025-08-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-40866", "notes": [ { "category": "description", "text": "The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-40866" }, { "category": "external", "summary": "https://support.apple.com/en-us/121238", "url": "https://support.apple.com/en-us/121238" }, { "category": "external", "summary": "https://support.apple.com/en-us/121241", "url": "https://support.apple.com/en-us/121241" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Sep/33", "url": "http://seclists.org/fulldisclosure/2024/Sep/33" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Sep/37", "url": "http://seclists.org/fulldisclosure/2024/Sep/37" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html", "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html" } ], "release_date": "2024-09-17T00:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-6558", "cwe": { "id": "CWE-76", "name": "Improper Neutralization of Equivalent Special Elements" }, "notes": [ { "category": "description", "text": "Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-6558" } ], "release_date": "2025-07-15T18:12:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-54502", "notes": [ { "category": "description", "text": "The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-54502" }, { "category": "external", "summary": "https://support.apple.com/en-us/121837", "url": "https://support.apple.com/en-us/121837" }, { "category": "external", "summary": "https://support.apple.com/en-us/121839", "url": "https://support.apple.com/en-us/121839" }, { "category": "external", "summary": "https://support.apple.com/en-us/121843", "url": "https://support.apple.com/en-us/121843" }, { "category": "external", "summary": "https://support.apple.com/en-us/121844", "url": "https://support.apple.com/en-us/121844" }, { "category": "external", "summary": "https://support.apple.com/en-us/121845", "url": "https://support.apple.com/en-us/121845" }, { "category": "external", "summary": "https://support.apple.com/en-us/121846", "url": "https://support.apple.com/en-us/121846" }, { "category": "external", "summary": "https://support.apple.com/en-us/122372", "url": "https://support.apple.com/en-us/122372" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Dec/10", "url": "http://seclists.org/fulldisclosure/2024/Dec/10" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Dec/13", "url": "http://seclists.org/fulldisclosure/2024/Dec/13" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Dec/5", "url": "http://seclists.org/fulldisclosure/2024/Dec/5" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2024/Dec/7", "url": "http://seclists.org/fulldisclosure/2024/Dec/7" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2025/Apr/5", "url": "http://seclists.org/fulldisclosure/2025/Apr/5" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00002.html", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00002.html" } ], "release_date": "2024-12-12T02:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-24189", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "The issue was addressed with improved checks. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to memory corruption.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-24189" } ], "release_date": "2025-08-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-43212", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-43212" } ], "release_date": "2025-08-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-43216", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-43216" } ], "release_date": "2025-08-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-44185", "notes": [ { "category": "description", "text": "The issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-44185" }, { "category": "external", "summary": "https://support.apple.com/en-us/120909", "url": "https://support.apple.com/en-us/120909" }, { "category": "external", "summary": "https://support.apple.com/en-us/120911", "url": "https://support.apple.com/en-us/120911" }, { "category": "external", "summary": "https://support.apple.com/en-us/120913", "url": "https://support.apple.com/en-us/120913" }, { "category": "external", "summary": "https://support.apple.com/en-us/120914", "url": "https://support.apple.com/en-us/120914" }, { "category": "external", "summary": "https://support.apple.com/en-us/120915", "url": "https://support.apple.com/en-us/120915" }, { "category": "external", "summary": "https://support.apple.com/en-us/120916", "url": "https://support.apple.com/en-us/120916" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html", "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html" } ], "release_date": "2024-10-24T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-31278", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-31278" } ], "release_date": "2025-08-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-54467", "notes": [ { "category": "description", "text": "A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-54467" }, { "category": "external", "summary": "https://support.apple.com/en-us/121238", "url": "https://support.apple.com/en-us/121238" }, { "category": "external", "summary": "https://support.apple.com/en-us/121240", "url": "https://support.apple.com/en-us/121240" }, { "category": "external", "summary": "https://support.apple.com/en-us/121241", "url": "https://support.apple.com/en-us/121241" }, { "category": "external", "summary": "https://support.apple.com/en-us/121248", "url": "https://support.apple.com/en-us/121248" }, { "category": "external", "summary": "https://support.apple.com/en-us/121249", "url": "https://support.apple.com/en-us/121249" }, { "category": "external", "summary": "https://support.apple.com/en-us/121250", "url": "https://support.apple.com/en-us/121250" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html", "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html" } ], "release_date": "2025-03-10T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-24208", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" }, "notes": [ { "category": "description", "text": "A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-24208" } ], "release_date": "2025-04-07T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2024-44192", "notes": [ { "category": "description", "text": "The issue was addressed with improved checks. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to an unexpected process crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-44192" }, { "category": "external", "summary": "https://support.apple.com/en-us/121238", "url": "https://support.apple.com/en-us/121238" }, { "category": "external", "summary": "https://support.apple.com/en-us/121240", "url": "https://support.apple.com/en-us/121240" }, { "category": "external", "summary": "https://support.apple.com/en-us/121241", "url": "https://support.apple.com/en-us/121241" }, { "category": "external", "summary": "https://support.apple.com/en-us/121248", "url": "https://support.apple.com/en-us/121248" }, { "category": "external", "summary": "https://support.apple.com/en-us/121249", "url": "https://support.apple.com/en-us/121249" }, { "category": "external", "summary": "https://support.apple.com/en-us/121250", "url": "https://support.apple.com/en-us/121250" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html", "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html" } ], "release_date": "2025-03-10T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-24162", "notes": [ { "category": "description", "text": "This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "known_affected": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-24162" }, { "category": "external", "summary": "https://support.apple.com/en-us/122066", "url": "https://support.apple.com/en-us/122066" }, { "category": "external", "summary": "https://support.apple.com/en-us/122068", "url": "https://support.apple.com/en-us/122068" }, { "category": "external", "summary": "https://support.apple.com/en-us/122071", "url": "https://support.apple.com/en-us/122071" }, { "category": "external", "summary": "https://support.apple.com/en-us/122072", "url": "https://support.apple.com/en-us/122072" }, { "category": "external", "summary": "https://support.apple.com/en-us/122073", "url": "https://support.apple.com/en-us/122073" }, { "category": "external", "summary": "https://support.apple.com/en-us/122074", "url": "https://support.apple.com/en-us/122074" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2025/Jan/13", "url": "http://seclists.org/fulldisclosure/2025/Jan/13" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2025/Jan/15", "url": "http://seclists.org/fulldisclosure/2025/Jan/15" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2025/Jan/18", "url": "http://seclists.org/fulldisclosure/2025/Jan/18" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2025/Jan/20", "url": "http://seclists.org/fulldisclosure/2025/Jan/20" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/02/msg00014.html", "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00014.html" } ], "release_date": "2025-01-27T22:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2025-09-01T18:32:46.619580Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1756751564" }, { "category": "none_available", "details": "Affected", "product_ids": [ "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.44.4-1.el9.tuxcare.els9.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.i686", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.38.5-1.el9.3.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els10.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els5.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.44.4-1.el9.tuxcare.els9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AlmaLinux-9.2:webkit2gtk3-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-0:2.48.5-1.el9.tuxcare.els1.x86_64", "AlmaLinux-9.2:webkit2gtk3-jsc-devel-0:2.48.5-1.el9.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }