Debian: webkit2gtk Important Memory Corruption Issues DSA-6083-1
debian
December 18, 2025
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously cra...
Summary
CVE-2025-14174
Apple and the Google Threat Analysis Group discovered that
processing maliciously crafted web content may lead to memory
corruption. Apple is aware of a report that this issue may have
been exploited in an extremely sophisticated attack against
specific targeted individuals on versions of iOS before iOS 26.
CVE-2025-43529 was also issued in response to this report.
CVE-2025-43501
Hossein Lotfi discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2025-43529
The Google Threat Analysis Group discovered that processing
maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have
been exploited in an extremely sophisticated attack against
specific targeted individuals on versions of iOS before iOS 26.
CVE-2025-14174 was also issued in response to this report.
CVE-2025-43531
Phil Pizlo discovered that processing maliciousl...
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Package: webkit2gtk
CVE ID: CVE-2025-14174 CVE-2025-43501 CVE-2025-43529 CVE-2025-43531
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!