Fedora 43: webkitgtk Critical Update for CVE-2025-13947, 43458, 66287
fedora
December 7, 2025
Fix seeking and looping of media elements that set the loop property
Summary
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
Update Information:
Fix seeking and looping of media elements that set the loop property. Fix several crashes and rendering issues. Fix CVE-2025-13947, CVE-2025-43458, CVE-2025-66287
Change Log
* Thu Dec 4 2025 Michael Catanzaro
References
[ 1 ] Bug #2418581 - CVE-2025-13947 webkitgtk: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2418581 [ 2 ] Bug #2418863 - CVE-2025-43458 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2418863 [ 3 ] Bug #2418867 - CVE-2025-66287 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2418867
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-b07cd2cae2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Name: webkitgtk
Product: Fedora 43
Version: 2.50.3
Release: 1.fc43
Summary: GTK web content engine library
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!