The following vulnerabilities have been discovered in the WebKitGTK web engine:
CVE-2025-43392
Tom Van Goethem discovered that a website may exfiltrate image data cross-origin.
CVE-2025-43425
An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43427
Gary Kwong and rheza discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43429
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43430
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43431
Google Big Sleep discovered that processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43432
Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43434
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected browser crash.
CVE-2025-43440
Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43443
An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash.
https://security-tracker.debian.org/tracker/DSA-6070-1
Continue reading...
CVE-2025-43392
Tom Van Goethem discovered that a website may exfiltrate image data cross-origin.
CVE-2025-43425
An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43427
Gary Kwong and rheza discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43429
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43430
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43431
Google Big Sleep discovered that processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43432
Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43434
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected browser crash.
CVE-2025-43440
Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43443
An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash.
https://security-tracker.debian.org/tracker/DSA-6070-1
Continue reading...
