Debian Webkit2Gtk vulnerabilities
678 known vulnerabilities affecting debian/webkit2gtk.
Total CVEs
678
CISA KEV
38
actively exploited
Public exploits
113
Exploited in wild
53
Severity breakdown
CRITICAL14HIGH239MEDIUM150LOW275
Vulnerabilities
Page 33 of 34
CVE-2025-43430P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.2-1~deb12u1 (bookworm)2025
CVE-2025-43430 [MEDIUM] CVE-2025-43430: webkit2gtk - This issue was addressed through improved state management. This issue is fixed ...
This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.2-1~deb12u1)
bullseye: resolved (fixed in 2.50.2-1~d
debian
CVE-2025-43432P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.2-1~deb12u1 (bookworm)2025
CVE-2025-43432 [MEDIUM] CVE-2025-43432: webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue...
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.2-1~deb12u1)
bullseye: resolved (fixed in
debian
CVE-2026-20664P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.52.1-1 (sid)2026
CVE-2026-20664 [MEDIUM] CVE-2026-20664: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in Sa...
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: resolved (fixed in 2.52.1-1)
trixie: open
debian
CVE-2025-43501P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.4-1~deb12u1 (bookworm)2025
CVE-2025-43501 [MEDIUM] CVE-2025-43501: webkit2gtk - A buffer overflow issue was addressed with improved memory handling. This issue ...
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.4-1~deb12u1)
bullseye: resolved (fixed
debian
CVE-2025-43443P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.2-1~deb12u1 (bookworm)2025
CVE-2025-43443 [MEDIUM] CVE-2025-43443: webkit2gtk - This issue was addressed with improved checks. This issue is fixed in Safari 26....
This issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.2-1~deb12u1)
bullseye: resolved (fi
debian
CVE-2026-28859P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.52.1-1 (sid)2026
CVE-2026-28859 [MEDIUM] CVE-2026-28859: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in Sa...
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: resolved (fixed in 2.52.1-1)
trixie: open
debian
CVE-2025-43458P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.3-1~deb12u1 (bookworm)2025
CVE-2025-43458 [MEDIUM] CVE-2025-43458: webkit2gtk - This issue was addressed through improved state management. This issue is fixed ...
This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.3-1~deb12u1)
bullseye:
debian
CVE-2025-43536P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.4-1~deb12u1 (bookworm)2025
CVE-2025-43536 [MEDIUM] CVE-2025-43536: webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue...
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.4-1~deb12u1)
bullseye: resolved (fixed in 2.50.4-1~d
debian
CVE-2026-20635P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.6-1~deb12u1 (bookworm)2026
CVE-2026-20635 [MEDIUM] CVE-2026-20635: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in Sa...
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.6-1~deb12u1)
bullseye: open
debian
CVE-2024-44192P4MEDIUMCVSS 5.5fixed in webkit2gtk 2.48.0-1~deb12u1 (bookworm)2024
CVE-2024-44192 [MEDIUM] CVE-2024-44192: webkit2gtk - The issue was addressed with improved checks. This issue is fixed in Safari 18, ...
The issue was addressed with improved checks. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.48.0-1~deb12u1)
bullseye: resolved (fixed in 2.48.3-1~deb11u1)
forky: resolved (fi
debian
CVE-2021-30884P4MEDIUMCVSS 4.7fixed in webkit2gtk 2.34.1-1 (bookworm)2021
CVE-2021-30884 [MEDIUM] CVE-2021-30884: webkit2gtk - The issue was resolved with additional restrictions on CSS compositing. This iss...
The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.
Scope: local
bookworm: resolved (fixed in 2.34.1-1)
bullseye: resolved (fixed in 2.34.1-1~deb11u1)
forky: resolved (fixed in 2.34.1-1)
sid: resolved
debian
CVE-2024-40776P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.44.3-1~deb12u1 (bookworm)2024
CVE-2024-40776 [MEDIUM] CVE-2024-40776: webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue...
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.44.3-1~deb12u1)
debian
CVE-2024-44244P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.46.3-1~deb12u1 (bookworm)2024
CVE-2024-44244 [MEDIUM] CVE-2024-44244: webkit2gtk - A memory corruption issue was addressed with improved input validation. This iss...
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.46.3-1~deb12u1)
bullseye: resolved (fixed
debian
CVE-2025-31206P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.48.3-1~deb12u1 (bookworm)2025
CVE-2025-31206 [MEDIUM] CVE-2025-31206: webkit2gtk - A type confusion issue was addressed with improved state handling. This issue is...
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Scope: local
bookworm: resolved (fixed in 2.48.3-1~deb12u1)
bullseye: resolve
debian
CVE-2025-43535P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.4-1~deb12u1 (bookworm)2025
CVE-2025-43535 [MEDIUM] CVE-2025-43535: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in Sa...
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.4-1~deb12u1)
bullseye: resolved (fixed in 2.50.4-1~d
debian
CVE-2025-30427P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.48.1-2~deb12u1 (bookworm)2025
CVE-2025-30427 [MEDIUM] CVE-2025-30427: webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue...
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Scope: local
bookworm: resolved (fixed in 2.48.1-2~deb12u1)
bullseye: reso
debian
CVE-2025-43368P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.1-1~deb12u1 (bookworm)2025
CVE-2025-43368 [MEDIUM] CVE-2025-43368: webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue...
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Scope: local
bookworm: resolved (fixed in 2.50.1-1~deb12u1)
bullseye: resolved (fixed in 2.50.1-1~deb11u1)
forky: resolved (fixed in 2.50.
debian
CVE-2025-43425P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.2-1~deb12u1 (bookworm)2025
CVE-2025-43425 [MEDIUM] CVE-2025-43425: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in Sa...
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.2-1~deb12u1)
bullseye: resolved (fixed in 2.50.2-1~deb11u
debian
CVE-2025-43427P4MEDIUMCVSS 4.3fixed in webkit2gtk 2.50.2-1~deb12u1 (bookworm)2025
CVE-2025-43427 [MEDIUM] CVE-2025-43427: webkit2gtk - This issue was addressed through improved state management. This issue is fixed ...
This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.50.2-1~deb12u1)
bullseye: resolved (fixed in 2.50.2-1~deb11u1)
forky:
debian
CVE-2024-44185P4MEDIUMCVSS 5.5fixed in webkit2gtk 2.46.0-2~deb12u1 (bookworm)2024
CVE-2024-44185 [MEDIUM] CVE-2024-44185: webkit2gtk - The issue was addressed with improved checks. This issue is fixed in Safari 17.6...
The issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.
Scope: local
bookworm: resolved (fixed in 2.46.0-2~deb12u1)
bullseye: resolved (fixed in 2.46.3-1~deb11u2)
forky:
debian