The following vulnerabilities have been discovered in the WebKitGTK web engine:
CVE-2025-24143
An anonymous researcher discovered that a maliciously crafted webpage may be able to fingerprint the user.
CVE-2025-24150
Johan Carlsson discovered that copying a URL from Web Inspector may lead to command injection.
CVE-2025-24158
Q1IQ and P1umer discovered that processing web content may lead to a denial-of-service.
CVE-2025-24162
linjy and chluo discovered that processing maliciously crafted web content may lead to an unexpected process crash.
https://security-tracker.debian.org/tracker/DSA-5865-1
Continue reading...
CVE-2025-24143
An anonymous researcher discovered that a maliciously crafted webpage may be able to fingerprint the user.
CVE-2025-24150
Johan Carlsson discovered that copying a URL from Web Inspector may lead to command injection.
CVE-2025-24158
Q1IQ and P1umer discovered that processing web content may lead to a denial-of-service.
CVE-2025-24162
linjy and chluo discovered that processing maliciously crafted web content may lead to an unexpected process crash.
https://security-tracker.debian.org/tracker/DSA-5865-1
Continue reading...
