Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: webkit2gtk3 Important Security Update for Threats 2025:4416-1

suse
Calendar Grey December 16, 2025
Dist Suse Esm H88
An important update for webkit2gtk3 addresses 18 vulnerabilities to enhance system security on SUSE platforms.
An update that solves 18 vulnerabilities can now be installed.

Summary

## This update for webkit2gtk3 fixes the following issues: Update to version 2.50.3. Security issues fixed: * CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of- bounds read and an integer underflow (bsc#1254208). * CVE-2025-13947: use of the file drag-and-drop mechanism may lead to remote information disclosure due to a lack of verification of the origins of drag operations (bsc#1254473). * CVE-2025-43392: websites may exfiltrate image data cross-origin due to issues with cache handling (bsc#1254165). * CVE-2025-43421: processing maliciously crafted web content may lead to an unexpected process crash due to enabled array allocation sinking (bsc#1254167).

Topics%20covered

Topics Covered

security advisory update SuSE threat important webkit2gtk3

References

* bsc#1254164

* bsc#1254165

* bsc#1254166

* bsc#1254167

* bsc#1254168

* bsc#1254169

* bsc#1254170

* bsc#1254171

* bsc#1254172

* bsc#1254174

* bsc#1254175

* bsc#1254176

* bsc#1254177

* bsc#1254179

* bsc#1254208

* bsc#1254473

* bsc#1254498

* bsc#1254509

Cross-

* CVE-2023-43000

* CVE-2025-13502

* CVE-2025-13947

* CVE-2025-43392

* CVE-2025-43419

* CVE-2025-43421

* CVE-2025-43425

* CVE-2025-43427

* CVE-2025-43429

* CVE-2025-43430

* CVE-2025-43431

* CVE-2025-43432

* CVE-2025-43434

* CVE-2025-43440

* CVE-2025-43443

* CVE-2025-43458

* CVE-2025-43480

* CVE-2025-66287

CVSS scores:

* CVE-2023-43000 ( SUSE ): 8.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2023-43000 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:4416-1
Release Date: 2025-12-16T15:57:51Z
Rating: important

Topics%20covered

Topics Covered

security advisory update SuSE threat important webkit2gtk3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here