Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: * CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of- bounds read and an integer underflow (bsc#1254208). * CVE-2025-13947: use of the file drag-and-drop mechanism may lead to remote information disclosure due to a lack of verification of the origins of drag operations (bsc#1254473). * CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation (bsc#1255497). * CVE-2025-43392: websites may exfiltrate image data cross-origin due to issues with cache handling (bsc#1254165). * CVE-2025-43421: processing maliciously crafted web content may lead to an
* bsc#1254164
* bsc#1254165
* bsc#1254166
* bsc#1254167
* bsc#1254168
* bsc#1254169
* bsc#1254170
* bsc#1254171
* bsc#1254172
* bsc#1254174
* bsc#1254175
* bsc#1254176
* bsc#1254177
* bsc#1254179
* bsc#1254208
* bsc#1254473
* bsc#1254498
* bsc#1254509
* bsc#1255183
* bsc#1255191
* bsc#1255194
* bsc#1255195
* bsc#1255198
* bsc#1255200
* bsc#1255497
Cross-
* CVE-2023-43000
* CVE-2025-13502
* CVE-2025-13947
* CVE-2025-14174
* CVE-2025-43392
* CVE-2025-43419
* CVE-2025-43421
* CVE-2025-43425
* CVE-2025-43427
* CVE-2025-43429
* CVE-2025-43430
* CVE-2025-43431
* CVE-2025-43432
* CVE-2025-43434
* CVE-2025-43440
* CVE-2025-43443
* CVE-2025-43458
* CVE-2025-43480
* CVE-2025-43501
* CVE-2025-43529
* CVE-2025-43531
* CVE-2025-43535
* CVE-2025-43536
* CVE-2025-43541
* CVE-2025-66287
CVSS scores:
Get the latest Linux and open source security news straight to your inbox.