- Issued:
- 2025-07-07
- Updated:
- 2025-07-07
RHSA-2025:10364 - Security Advisory
Synopsis
Important: webkitgtk4 security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3.
Security Fix(es):
- webkitgtk: Command injection in web inspector (CVE-2020-9862)
- webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893)
- webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution (CVE-2020-9894)
- webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9895)
- webkitgtk: Access issue in content security policy (CVE-2020-9915)
- webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)
- webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802)
- webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803)
- webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)
- webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9806)
- webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9807)
- webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)
- webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9850)
- webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl (CVE-2020-13753)
- webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)
- webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)
- webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)
- webkitgtk: input validation issue may lead to a cross site scripting (CVE-2020-9952)
- webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)
- webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)
- webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918)
- webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)
- webkitgtk: use after free issue may lead to arbitrary code execution (CVE-2020-9947)
- webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765)
- webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)
- webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)
- webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801)
- webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)
- webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871)
- webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)
- webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-1817)
- webkitgtk: Memory initialization issue possibly leading to memory disclosure (CVE-2021-1820)
- webkitgtk: Input validation issue leading to cross site scripting attack (CVE-2021-1825)
- webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-1826)
- webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)
- webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30661)
- webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)
- webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)
- webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)
- webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)
- webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)
- webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)
- webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734)
- webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)
- webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749)
- webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)
- webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795)
- webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)
- webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799)
- webkitgtk: limited sandbox escape via VFS syscalls (CVE-2021-42762)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-30846)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-30848)
- webkitgtk: Multiple memory corruption issue leading to arbitrary code execution (CVE-2021-30849)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-30851)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30809)
- webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-30818)
- webkitgtk: Logic issue leading to HSTS bypass (CVE-2021-30823)
- webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2021-30836)
- webkitgtk: CSS compositing issue leading to revealing of the browsing history (CVE-2021-30884)
- webkitgtk: Logic issue leading to Content Security Policy bypass (CVE-2021-30887)
- webkitgtk: Information leak via Content Security Policy reports (CVE-2021-30888)
- webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30889)
- webkitgtk: Logic issue leading to universal cross-site scripting (CVE-2021-30890)
- chromium-browser: Inappropriate implementation in Navigation (CVE-2022-0108)
- webkitgtk: Cross-origin data exfiltration via resource timing API (CVE-2021-30897)
- webkitgtk: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create (CVE-2021-45481)
- webkitgtk: use-after-free in WebCore::ContainerNode::firstChild (CVE-2021-45482)
- webkitgtk: use-after-free in WebCore::Frame::page (CVE-2021-45483)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30934)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30936)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30951)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30952)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30953)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30954)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2021-30984)
- webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2022-22594)
- webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript (CVE-2022-22589)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-22590)
- webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2022-22592)
- webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use after free (CVE-2022-22620)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
- webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
- webkitgtk: logic issue was addressed with improved state management (CVE-2022-22637)
- webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer (CVE-2022-30294)
- webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
- webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
- webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
- webkitgtk: the video in a webRTC call may be interrupted if the audio capture gets interrupted (CVE-2022-22677)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
- webkitgtk: processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32893)
- webkitgtk: buffer overflow issue was addressed with improved memory handling (CVE-2022-32886)
- webkitgtk: out-of-bounds read was addressed with improved bounds checking (CVE-2022-32912)
- webkitgtk: UI spoofing while Visiting a website that frames malicious content (CVE-2022-32891)
- webkitgtk: out-of-bounds write issue was addressed with improved bounds checking (CVE-2022-32888)
- webkitgtk: correctness issue in the JIT was addressed with improved checks (CVE-2022-32923)
- webkitgtk: issue was addressed with improved UI handling (CVE-2022-42799)
- webkitgtk: sensitive information disclosure issue (CVE-2022-42824)
- webkitgtk: type confusion issue leading to arbitrary code execution (CVE-2022-42823)
- webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution (CVE-2022-42856)
- webkitgtk: memory disclosure issue was addressed with improved memory handling (CVE-2022-42852)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-42863)
- webkitgtk: use-after-free issue leading to arbitrary code execution (CVE-2022-42867)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-46691)
- webkitgtk: Same Origin Policy bypass issue (CVE-2022-46692)
- webkitgtk: logic issue leading to user information disclosure (CVE-2022-46698)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-46699)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-46700)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-23518)
- webkitgtk: use-after-free issue leading to arbitrary code execution (CVE-2022-42826)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-23517)
- webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution (CVE-2023-23529)
- webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild() (CVE-2023-25358)
- WebKitGTK: use-after-free leads to arbitrary code execution (CVE-2023-28205)
- webkitgtk: an out-of-bounds read when processing malicious content (CVE-2023-28204)
- webkitgtk: a use-after-free when processing maliciously crafted web content (CVE-2023-32373)
- webkitgtk: improper bounds checking leading to arbitrary code execution (CVE-2022-48503)
- webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-32435)
- webkitgtk: type confusion issue leading to arbitrary code execution (CVE-2023-32439)
- webkitgtk: arbitrary code execution (CVE-2023-37450)
- webkitgtk: arbitrary code execution (CVE-2023-32393)
- webkitgtk: disclose sensitive information (CVE-2023-38133)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-38592)
- webkitgtk: arbitrary code execution (CVE-2023-38594)
- webkitgtk: arbitrary code execution (CVE-2023-38595)
- webkitgtk: track sensitive user information (CVE-2023-38599)
- webkitgtk: arbitrary code execution (CVE-2023-38600)
- webkitgtk: arbitrary code execution (CVE-2023-38611)
- webkitgtk: bypass Same Origin Policy (CVE-2023-38572)
- webkitgtk: arbitrary code execution (CVE-2023-38597)
- webkitgtk: Memory corruption issue when processing web content (CVE-2022-32885)
- webkitgtk: Same Origin Policy bypass via crafted web content (CVE-2023-27932)
- webkitgtk: Website may be able to track sensitive user information (CVE-2023-27954)
- webkitgtk: use after free vulnerability (CVE-2023-28198)
- webkitgtk: content security policy blacklist failure (CVE-2023-32370)
- webkitgtk: arbitrary javascript code execution (CVE-2023-40397)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32792)
- webkitgtk: malicious content may lead to UI spoofing (CVE-2022-32816)
- webkitgtk: processing malicious web content may lead to arbitrary code execution (CVE-2023-41993)
- webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (CVE-2023-39928)
- webkitgtk: processing web content may lead to arbitrary code execution (CVE-2023-35074)
- webkitgtk: attacker with JavaScript execution may be able to execute arbitrary code (CVE-2023-40451)
- webkitgtk: processing web content may lead to arbitrary code execution (CVE-2023-41074)
- webkitgtk: Out-of-bounds read leads to sensitive data leak (CVE-2023-42916)
- webkitgtk: Arbitrary Remote Code Execution (CVE-2023-42917)
- webkitgtk: processing a malicious image may lead to a denial of service (CVE-2023-42883)
- webkitgtk: processing malicious web content may lead to arbitrary code execution (CVE-2023-42890)
- webkitgtk: type confusion may lead to arbitrary code execution (CVE-2024-23222)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-23213)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42833)
- webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents (CVE-2014-1745)
- webkit: processing malicious web content may lead to denial-of-service (CVE-2024-23252)
- webkit: malicious website may exfiltrate audio data cross-origin (CVE-2024-23254)
- webkit: processing malicious web content prevents Content Security Policy from being enforced (CVE-2024-23263)
- webkit: maliciously crafted webpage may be able to fingerprint the user (CVE-2024-23280)
- webkit: processing maliciously crafted web content prevents Content Security Policy from being enforced (CVE-2024-23284)
- webkitgtk: Visiting a website that frames malicious content may lead to UI spoofing. (CVE-2022-32919)
- webkitgtk: A website may able to track visited websites in private browsing (CVE-2022-32933)
- webkitgtk: Visiting a malicious website may lead to address bar spoofing (CVE-2022-46705)
- webkitgtk: Visiting a malicious website may lead to address bar spoofing. (CVE-2022-46725)
- webkitgtk: User password may be read aloud by a text-to-speech accessibility feature (CVE-2023-32359)
- webkitgtk: Processing web content may lead to a denial of service (CVE-2023-41983)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)
- webkit: visiting a malicious website may lead to address bar spoofing (CVE-2023-42843)
- webkit: heap use-after-free may lead to arbitrary code execution (CVE-2023-42950)
- webkit: processing malicious web content may lead to a denial of service (CVE-2023-42956)
- chromium-browser: Use after free in ANGLE (CVE-2024-4558)
- webkit: pointer authentication bypass (CVE-2024-27834)
- webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution (CVE-2024-40776)
- webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-40789)
- webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40780)
- webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40779)
- webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management (CVE-2024-40782)
- webkitgtk: Visiting a malicious website may lead to address bar spoofing (CVE-2024-40866)
- webkitgtk: A malicious website may cause unexpected cross-origin behavior (CVE-2024-23271)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27808)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27820)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-27833)
- webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2024-27838)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-27851)
- webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-44187)
- webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44185)
- webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44244)
- webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2024-44296)
- webkitgtk: data isolation bypass vulnerability (CVE-2024-44309)
- webkitgtk: javascriptcore: processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-44308)
- WebKitGTK: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-54479)
- webkit: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-54502)
- webkit: Processing maliciously crafted web content may lead to memory corruption (CVE-2024-54505)
- webkit: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-54508)
- webkit: Processing maliciously crafted web content may lead to memory corruption (CVE-2024-54534)
- webkitgtk: Processing a file may lead to unexpected app termination or arbitrary code execution (CVE-2024-27856)
- webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2024-54543)
- webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2025-24143)
- webkitgtk: Copying a URL from Web Inspector may lead to command injection (CVE-2025-24150)
- webkitgtk: Processing web content may lead to a denial-of-service (CVE-2025-24158)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-24162)
- webkitgtk: Processing web content may lead to a denial-of-service (CVE-2024-54658)
- webkitgtk: out-of-bounds write vulnerability (CVE-2025-24201)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44192)
- webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-54467)
- webkitgtk: Processing web content may lead to a denial-of-service (CVE-2024-54551)
- webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack (CVE-2025-24208)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-24209)
- webkitgtk: A type confusion issue could lead to memory corruption (CVE-2025-24213)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-24216)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-24264)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-30427)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42875)
- webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42970)
- webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-24223)
- webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31204)
- webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2025-31205)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-31206)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-31215)
- webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-31257)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
Fixes
- BZ - 1879532 - CVE-2020-9862 webkitgtk: Command injection in web inspector
- BZ - 1879535 - CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
- BZ - 1879536 - CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution
- BZ - 1879538 - CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
- BZ - 1879540 - CVE-2020-9915 webkitgtk: Access issue in content security policy
- BZ - 1879541 - CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting
- BZ - 1879545 - CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution
- BZ - 1879557 - CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution
- BZ - 1879559 - CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting
- BZ - 1879563 - CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution
- BZ - 1879564 - CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution
- BZ - 1879566 - CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting
- BZ - 1879568 - CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution
- BZ - 1879570 - CVE-2020-13753 webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl
- BZ - 1901212 - CVE-2020-13584 webkitgtk: use-after-free may lead to arbitrary code execution
- BZ - 1901214 - CVE-2020-9948 webkitgtk: type confusion may lead to arbitrary code execution
- BZ - 1901216 - CVE-2020-9951 webkitgtk: use-after-free may lead to arbitrary code execution
- BZ - 1901219 - CVE-2020-9952 webkitgtk: input validation issue may lead to a cross site scripting
- BZ - 1901221 - CVE-2020-9983 webkitgtk: out-of-bounds write may lead to code execution
- BZ - 1903568 - CVE-2020-13543 webkitgtk: use-after-free may lead to arbitrary code execution
- BZ - 1928886 - CVE-2020-13558 webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution
- BZ - 1944323 - CVE-2020-27918 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 1944329 - CVE-2020-29623 webkitgtk: User may be unable to fully delete browsing history
- BZ - 1944331 - CVE-2020-9947 webkitgtk: use after free issue may lead to arbitrary code execution
- BZ - 1944333 - CVE-2021-1765 webkitgtk: IFrame sandboxing policy violation
- BZ - 1944337 - CVE-2021-1789 webkitgtk: Type confusion issue leading to arbitrary code execution
- BZ - 1944340 - CVE-2021-1799 webkitgtk: Access to restricted ports on arbitrary servers via port redirection
- BZ - 1944343 - CVE-2021-1801 webkitgtk: IFrame sandboxing policy violation
- BZ - 1944350 - CVE-2021-1870 webkitgtk: Logic issue leading to arbitrary code execution
- BZ - 1944859 - CVE-2021-1788 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 1944862 - CVE-2021-1844 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 1944867 - CVE-2021-1871 webkitgtk: Logic issue leading to arbitrary code execution
- BZ - 1980441 - CVE-2021-21806 webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution
- BZ - 1986852 - CVE-2021-1817 webkitgtk: Memory corruption leading to arbitrary code execution
- BZ - 1986856 - CVE-2021-1820 webkitgtk: Memory initialization issue possibly leading to memory disclosure
- BZ - 1986858 - CVE-2021-1825 webkitgtk: Input validation issue leading to cross site scripting attack
- BZ - 1986860 - CVE-2021-1826 webkitgtk: Logic issue leading to universal cross site scripting attack
- BZ - 1986863 - CVE-2021-21775 webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution
- BZ - 1986866 - CVE-2021-21779 webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution
- BZ - 1986870 - CVE-2021-30661 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 1986872 - CVE-2021-30663 webkitgtk: Integer overflow leading to arbitrary code execution
- BZ - 1986874 - CVE-2021-30665 webkitgtk: Memory corruption leading to arbitrary code execution
- BZ - 1986877 - CVE-2021-30666 webkitgtk: Buffer overflow leading to arbitrary code execution
- BZ - 1986879 - CVE-2021-30682 webkitgtk: Logic issue leading to leak of sensitive user information
- BZ - 1986881 - CVE-2021-30689 webkitgtk: Logic issue leading to universal cross site scripting attack
- BZ - 1986883 - CVE-2021-30720 webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers
- BZ - 1986886 - CVE-2021-30734 webkitgtk: Memory corruptions leading to arbitrary code execution
- BZ - 1986888 - CVE-2021-30744 webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack
- BZ - 1986890 - CVE-2021-30749 webkitgtk: Memory corruptions leading to arbitrary code execution
- BZ - 1986892 - CVE-2021-30758 webkitgtk: Type confusion leading to arbitrary code execution
- BZ - 1986894 - CVE-2021-30761 webkitgtk: Memory corruption leading to arbitrary code execution
- BZ - 1986898 - CVE-2021-30762 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 1986900 - CVE-2021-30795 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 1986902 - CVE-2021-30797 webkitgtk: Insufficient checks leading to arbitrary code execution
- BZ - 1986906 - CVE-2021-30799 webkitgtk: Memory corruptions leading to arbitrary code execution
- BZ - 2016673 - CVE-2021-42762 webkitgtk: limited sandbox escape via VFS syscalls
- BZ - 2017898 - CVE-2021-30846 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 2017901 - CVE-2021-30848 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 2017904 - CVE-2021-30849 webkitgtk: Multiple memory corruption issue leading to arbitrary code execution
- BZ - 2018573 - CVE-2021-30851 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 2034347 - CVE-2021-30809 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 2034368 - CVE-2021-30818 webkitgtk: Type confusion issue leading to arbitrary code execution
- BZ - 2034373 - CVE-2021-30823 webkitgtk: Logic issue leading to HSTS bypass
- BZ - 2034376 - CVE-2021-30836 webkitgtk: Out-of-bounds read leading to memory disclosure
- BZ - 2034378 - CVE-2021-30884 webkitgtk: CSS compositing issue leading to revealing of the browsing history
- BZ - 2034381 - CVE-2021-30887 webkitgtk: Logic issue leading to Content Security Policy bypass
- BZ - 2034383 - CVE-2021-30888 webkitgtk: Information leak via Content Security Policy reports
- BZ - 2034386 - CVE-2021-30889 webkitgtk: Buffer overflow leading to arbitrary code execution
- BZ - 2034389 - CVE-2021-30890 webkitgtk: Logic issue leading to universal cross-site scripting
- BZ - 2037469 - CVE-2022-0108 chromium-browser: Inappropriate implementation in Navigation
- BZ - 2038907 - CVE-2021-30897 webkitgtk: Cross-origin data exfiltration via resource timing API
- BZ - 2040327 - CVE-2021-45481 webkitgtk: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create
- BZ - 2040329 - CVE-2021-45482 webkitgtk: use-after-free in WebCore::ContainerNode::firstChild
- BZ - 2040331 - CVE-2021-45483 webkitgtk: use-after-free in WebCore::Frame::page
- BZ - 2044521 - CVE-2021-30934 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2044528 - CVE-2021-30936 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2044534 - CVE-2021-30951 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2044538 - CVE-2021-30952 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2044542 - CVE-2021-30953 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2044551 - CVE-2021-30954 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2044553 - CVE-2021-30984 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2045291 - CVE-2022-22594 webkitgtk: A malicious website may exfiltrate data cross-origin
- BZ - 2053179 - CVE-2022-22589 webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript
- BZ - 2053181 - CVE-2022-22590 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2053185 - CVE-2022-22592 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
- BZ - 2056474 - CVE-2022-22620 webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use after free
- BZ - 2073893 - CVE-2022-22624 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 2073896 - CVE-2022-22628 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 2073899 - CVE-2022-22629 webkitgtk: Buffer overflow leading to arbitrary code execution
- BZ - 2073903 - CVE-2022-22637 webkitgtk: logic issue was addressed with improved state management
- BZ - 2082544 - CVE-2022-30294 webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer
- BZ - 2082548 - CVE-2022-30293 webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
- BZ - 2092732 - CVE-2022-26700 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 2092733 - CVE-2022-26709 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 2092734 - CVE-2022-26716 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 2092735 - CVE-2022-26717 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 2092736 - CVE-2022-26719 webkitgtk: Memory corruption issue leading to arbitrary code execution
- BZ - 2104787 - CVE-2022-22662 webkitgtk: Cookie management issue leading to sensitive user information disclosure
- BZ - 2104788 - CVE-2022-22677 webkitgtk: the video in a webRTC call may be interrupted if the audio capture gets interrupted
- BZ - 2104789 - CVE-2022-26710 webkitgtk: Use-after-free leading to arbitrary code execution
- BZ - 2121645 - CVE-2022-32893 webkitgtk: processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2128643 - CVE-2022-32886 webkitgtk: buffer overflow issue was addressed with improved memory handling
- BZ - 2128645 - CVE-2022-32912 webkitgtk: out-of-bounds read was addressed with improved bounds checking
- BZ - 2128647 - CVE-2022-32891 webkitgtk: UI spoofing while Visiting a website that frames malicious content
- BZ - 2140501 - CVE-2022-32888 webkitgtk: out-of-bounds write issue was addressed with improved bounds checking
- BZ - 2140502 - CVE-2022-32923 webkitgtk: correctness issue in the JIT was addressed with improved checks
- BZ - 2140503 - CVE-2022-42799 webkitgtk: issue was addressed with improved UI handling
- BZ - 2140504 - CVE-2022-42824 webkitgtk: sensitive information disclosure issue
- BZ - 2140505 - CVE-2022-42823 webkitgtk: type confusion issue leading to arbitrary code execution
- BZ - 2153683 - CVE-2022-42856 webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution
- BZ - 2156986 - CVE-2022-42852 webkitgtk: memory disclosure issue was addressed with improved memory handling
- BZ - 2156987 - CVE-2022-42863 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2156989 - CVE-2022-42867 webkitgtk: use-after-free issue leading to arbitrary code execution
- BZ - 2156990 - CVE-2022-46691 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2156991 - CVE-2022-46692 webkitgtk: Same Origin Policy bypass issue
- BZ - 2156992 - CVE-2022-46698 webkitgtk: logic issue leading to user information disclosure
- BZ - 2156993 - CVE-2022-46699 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2156994 - CVE-2022-46700 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2167715 - CVE-2023-23518 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2167716 - CVE-2022-42826 webkitgtk: use-after-free issue leading to arbitrary code execution
- BZ - 2167717 - CVE-2023-23517 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2169934 - CVE-2023-23529 webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution
- BZ - 2175099 - CVE-2023-25358 webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()
- BZ - 2185724 - CVE-2023-28205 WebKitGTK: use-after-free leads to arbitrary code execution
- BZ - 2209208 - CVE-2023-28204 webkitgtk: an out-of-bounds read when processing malicious content
- BZ - 2209214 - CVE-2023-32373 webkitgtk: a use-after-free when processing maliciously crafted web content
- BZ - 2218623 - CVE-2022-48503 webkitgtk: improper bounds checking leading to arbitrary code execution
- BZ - 2218626 - CVE-2023-32435 webkitgtk: memory corruption issue leading to arbitrary code execution
- BZ - 2218640 - CVE-2023-32439 webkitgtk: type confusion issue leading to arbitrary code execution
- BZ - 2223000 - CVE-2023-37450 webkitgtk: arbitrary code execution
- BZ - 2224608 - CVE-2023-32393 webkitgtk: arbitrary code execution
- BZ - 2231015 - CVE-2023-38133 webkitgtk: disclose sensitive information
- BZ - 2231017 - CVE-2023-38592 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2231018 - CVE-2023-38594 webkitgtk: arbitrary code execution
- BZ - 2231019 - CVE-2023-38595 webkitgtk: arbitrary code execution
- BZ - 2231020 - CVE-2023-38599 webkitgtk: track sensitive user information
- BZ - 2231021 - CVE-2023-38600 webkitgtk: arbitrary code execution
- BZ - 2231022 - CVE-2023-38611 webkitgtk: arbitrary code execution
- BZ - 2231028 - CVE-2023-38572 webkitgtk: bypass Same Origin Policy
- BZ - 2231043 - CVE-2023-38597 webkitgtk: arbitrary code execution
- BZ - 2236842 - CVE-2022-32885 webkitgtk: Memory corruption issue when processing web content
- BZ - 2236843 - CVE-2023-27932 webkitgtk: Same Origin Policy bypass via crafted web content
- BZ - 2236844 - CVE-2023-27954 webkitgtk: Website may be able to track sensitive user information
- BZ - 2238943 - CVE-2023-28198 webkitgtk: use after free vulnerability
- BZ - 2238944 - CVE-2023-32370 webkitgtk: content security policy blacklist failure
- BZ - 2238945 - CVE-2023-40397 webkitgtk: arbitrary javascript code execution
- BZ - 2238973 - CVE-2022-32792 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2238975 - CVE-2022-32816 webkitgtk: malicious content may lead to UI spoofing
- BZ - 2240522 - CVE-2023-41993 webkitgtk: processing malicious web content may lead to arbitrary code execution
- BZ - 2241400 - CVE-2023-39928 webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports
- BZ - 2241403 - CVE-2023-35074 webkitgtk: processing web content may lead to arbitrary code execution
- BZ - 2241409 - CVE-2023-40451 webkitgtk: attacker with JavaScript execution may be able to execute arbitrary code
- BZ - 2241412 - CVE-2023-41074 webkitgtk: processing web content may lead to arbitrary code execution
- BZ - 2253054 - CVE-2023-42916 webkitgtk: Out-of-bounds read leads to sensitive data leak
- BZ - 2253058 - CVE-2023-42917 webkitgtk: Arbitrary Remote Code Execution
- BZ - 2254326 - CVE-2023-42883 webkitgtk: processing a malicious image may lead to a denial of service
- BZ - 2254327 - CVE-2023-42890 webkitgtk: processing malicious web content may lead to arbitrary code execution
- BZ - 2259893 - CVE-2024-23222 webkitgtk: type confusion may lead to arbitrary code execution
- BZ - 2270141 - CVE-2024-23213 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2270143 - CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2270146 - CVE-2023-42833 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2270151 - CVE-2014-1745 webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents
- BZ - 2270288 - CVE-2024-23252 webkit: processing malicious web content may lead to denial-of-service
- BZ - 2270289 - CVE-2024-23254 webkit: malicious website may exfiltrate audio data cross-origin
- BZ - 2270290 - CVE-2024-23263 webkit: processing malicious web content prevents Content Security Policy from being enforced
- BZ - 2270291 - CVE-2024-23280 webkit: maliciously crafted webpage may be able to fingerprint the user
- BZ - 2270292 - CVE-2024-23284 webkit: processing maliciously crafted web content prevents Content Security Policy from being enforced
- BZ - 2271437 - CVE-2022-32919 webkitgtk: Visiting a website that frames malicious content may lead to UI spoofing.
- BZ - 2271441 - CVE-2022-32933 webkitgtk: A website may able to track visited websites in private browsing
- BZ - 2271444 - CVE-2022-46705 webkitgtk: Visiting a malicious website may lead to address bar spoofing
- BZ - 2271446 - CVE-2022-46725 webkitgtk: Visiting a malicious website may lead to address bar spoofing.
- BZ - 2271449 - CVE-2023-32359 webkitgtk: User password may be read aloud by a text-to-speech accessibility feature
- BZ - 2271453 - CVE-2023-41983 webkitgtk: Processing web content may lead to a denial of service
- BZ - 2271456 - CVE-2023-42852 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2271717 - CVE-2023-42843 webkit: visiting a malicious website may lead to address bar spoofing
- BZ - 2271718 - CVE-2023-42950 webkit: heap use-after-free may lead to arbitrary code execution
- BZ - 2271719 - CVE-2023-42956 webkit: processing malicious web content may lead to a denial of service
- BZ - 2279689 - CVE-2024-4558 chromium-browser: Use after free in ANGLE
- BZ - 2282412 - CVE-2024-27834 webkit: pointer authentication bypass
- BZ - 2301841 - CVE-2024-40776 webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution
- BZ - 2302067 - CVE-2024-40789 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2302069 - CVE-2024-40780 webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking
- BZ - 2302070 - CVE-2024-40779 webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking
- BZ - 2302071 - CVE-2024-40782 webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management
- BZ - 2312724 - CVE-2024-40866 webkitgtk: Visiting a malicious website may lead to address bar spoofing
- BZ - 2314696 - CVE-2024-23271 webkitgtk: A malicious website may cause unexpected cross-origin behavior
- BZ - 2314697 - CVE-2024-27808 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2314698 - CVE-2024-27820 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2314700 - CVE-2024-27833 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2314702 - CVE-2024-27838 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
- BZ - 2314704 - CVE-2024-27851 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2314706 - CVE-2024-44187 webkitgtk: A malicious website may exfiltrate data cross-origin
- BZ - 2323263 - CVE-2024-44185 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2323278 - CVE-2024-44244 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2323289 - CVE-2024-44296 webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
- BZ - 2327927 - CVE-2024-44309 webkitgtk: data isolation bypass vulnerability
- BZ - 2327931 - CVE-2024-44308 webkitgtk: javascriptcore: processing maliciously crafted web content may lead to arbitrary code execution
- BZ - 2333841 - CVE-2024-54479 WebKitGTK: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2333843 - CVE-2024-54502 webkit: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2333844 - CVE-2024-54505 webkit: Processing maliciously crafted web content may lead to memory corruption
- BZ - 2333845 - CVE-2024-54508 webkit: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2333846 - CVE-2024-54534 webkit: Processing maliciously crafted web content may lead to memory corruption
- BZ - 2344618 - CVE-2024-27856 webkitgtk: Processing a file may lead to unexpected app termination or arbitrary code execution
- BZ - 2344619 - CVE-2024-54543 webkitgtk: Processing maliciously crafted web content may lead to memory corruption
- BZ - 2344621 - CVE-2025-24143 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
- BZ - 2344622 - CVE-2025-24150 webkitgtk: Copying a URL from Web Inspector may lead to command injection
- BZ - 2344623 - CVE-2025-24158 webkitgtk: Processing web content may lead to a denial-of-service
- BZ - 2344624 - CVE-2025-24162 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2344946 - CVE-2024-54658 webkitgtk: Processing web content may lead to a denial-of-service
- BZ - 2351802 - CVE-2025-24201 webkitgtk: out-of-bounds write vulnerability
- BZ - 2353871 - CVE-2024-44192 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2353872 - CVE-2024-54467 webkitgtk: A malicious website may exfiltrate data cross-origin
- BZ - 2357909 - CVE-2024-54551 webkitgtk: Processing web content may lead to a denial-of-service
- BZ - 2357910 - CVE-2025-24208 webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
- BZ - 2357911 - CVE-2025-24209 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2357913 - CVE-2025-24213 webkitgtk: A type confusion issue could lead to memory corruption
- BZ - 2357917 - CVE-2025-24216 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
- BZ - 2357918 - CVE-2025-24264 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
- BZ - 2357919 - CVE-2025-30427 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
- BZ - 2366497 - CVE-2023-42875 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2366498 - CVE-2023-42970 webkitgtk: Processing web content may lead to arbitrary code execution
- BZ - 2366499 - CVE-2025-24223 webkitgtk: Processing maliciously crafted web content may lead to memory corruption
- BZ - 2366500 - CVE-2025-31204 webkitgtk: Processing maliciously crafted web content may lead to memory corruption
- BZ - 2366501 - CVE-2025-31205 webkitgtk: A malicious website may exfiltrate data cross-origin
- BZ - 2366502 - CVE-2025-31206 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
- BZ - 2366503 - CVE-2025-31215 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2366504 - CVE-2025-31257 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVEs
- CVE-2014-1745
- CVE-2020-9802
- CVE-2020-9803
- CVE-2020-9805
- CVE-2020-9806
- CVE-2020-9807
- CVE-2020-9843
- CVE-2020-9850
- CVE-2020-9862
- CVE-2020-9893
- CVE-2020-9894
- CVE-2020-9895
- CVE-2020-9915
- CVE-2020-9925
- CVE-2020-9947
- CVE-2020-9948
- CVE-2020-9951
- CVE-2020-9952
- CVE-2020-9983
- CVE-2020-13543
- CVE-2020-13558
- CVE-2020-13584
- CVE-2020-13753
- CVE-2020-27918
- CVE-2020-29623
- CVE-2021-1765
- CVE-2021-1788
- CVE-2021-1789
- CVE-2021-1799
- CVE-2021-1801
- CVE-2021-1817
- CVE-2021-1820
- CVE-2021-1825
- CVE-2021-1826
- CVE-2021-1844
- CVE-2021-1870
- CVE-2021-1871
- CVE-2021-21775
- CVE-2021-21779
- CVE-2021-21806
- CVE-2021-30661
- CVE-2021-30663
- CVE-2021-30665
- CVE-2021-30666
- CVE-2021-30682
- CVE-2021-30689
- CVE-2021-30720
- CVE-2021-30734
- CVE-2021-30744
- CVE-2021-30749
- CVE-2021-30758
- CVE-2021-30761
- CVE-2021-30762
- CVE-2021-30795
- CVE-2021-30797
- CVE-2021-30799
- CVE-2021-30809
- CVE-2021-30818
- CVE-2021-30823
- CVE-2021-30836
- CVE-2021-30846
- CVE-2021-30848
- CVE-2021-30849
- CVE-2021-30851
- CVE-2021-30884
- CVE-2021-30887
- CVE-2021-30888
- CVE-2021-30889
- CVE-2021-30890
- CVE-2021-30897
- CVE-2021-30934
- CVE-2021-30936
- CVE-2021-30951
- CVE-2021-30952
- CVE-2021-30953
- CVE-2021-30954
- CVE-2021-30984
- CVE-2021-42762
- CVE-2021-45481
- CVE-2021-45482
- CVE-2021-45483
- CVE-2022-0108
- CVE-2022-22589
- CVE-2022-22590
- CVE-2022-22592
- CVE-2022-22594
- CVE-2022-22620
- CVE-2022-22624
- CVE-2022-22628
- CVE-2022-22629
- CVE-2022-22637
- CVE-2022-22662
- CVE-2022-22677
- CVE-2022-26700
- CVE-2022-26709
- CVE-2022-26710
- CVE-2022-26716
- CVE-2022-26717
- CVE-2022-26719
- CVE-2022-30293
- CVE-2022-30294
- CVE-2022-32792
- CVE-2022-32816
- CVE-2022-32885
- CVE-2022-32886
- CVE-2022-32888
- CVE-2022-32891
- CVE-2022-32893
- CVE-2022-32912
- CVE-2022-32919
- CVE-2022-32923
- CVE-2022-32933
- CVE-2022-42799
- CVE-2022-42823
- CVE-2022-42824
- CVE-2022-42826
- CVE-2022-42852
- CVE-2022-42856
- CVE-2022-42863
- CVE-2022-42867
- CVE-2022-46691
- CVE-2022-46692
- CVE-2022-46698
- CVE-2022-46699
- CVE-2022-46700
- CVE-2022-46705
- CVE-2022-46725
- CVE-2022-48503
- CVE-2023-23517
- CVE-2023-23518
- CVE-2023-23529
- CVE-2023-25358
- CVE-2023-27932
- CVE-2023-27954
- CVE-2023-28198
- CVE-2023-28204
- CVE-2023-28205
- CVE-2023-32359
- CVE-2023-32370
- CVE-2023-32373
- CVE-2023-32393
- CVE-2023-32435
- CVE-2023-32439
- CVE-2023-35074
- CVE-2023-37450
- CVE-2023-38133
- CVE-2023-38572
- CVE-2023-38592
- CVE-2023-38594
- CVE-2023-38595
- CVE-2023-38597
- CVE-2023-38599
- CVE-2023-38600
- CVE-2023-38611
- CVE-2023-39928
- CVE-2023-40397
- CVE-2023-40414
- CVE-2023-40451
- CVE-2023-41074
- CVE-2023-41983
- CVE-2023-41993
- CVE-2023-42833
- CVE-2023-42843
- CVE-2023-42852
- CVE-2023-42875
- CVE-2023-42883
- CVE-2023-42890
- CVE-2023-42916
- CVE-2023-42917
- CVE-2023-42950
- CVE-2023-42956
- CVE-2023-42970
- CVE-2024-4558
- CVE-2024-23213
- CVE-2024-23222
- CVE-2024-23252
- CVE-2024-23254
- CVE-2024-23263
- CVE-2024-23271
- CVE-2024-23280
- CVE-2024-23284
- CVE-2024-27808
- CVE-2024-27820
- CVE-2024-27833
- CVE-2024-27834
- CVE-2024-27838
- CVE-2024-27851
- CVE-2024-27856
- CVE-2024-40776
- CVE-2024-40779
- CVE-2024-40780
- CVE-2024-40782
- CVE-2024-40789
- CVE-2024-40866
- CVE-2024-44185
- CVE-2024-44187
- CVE-2024-44192
- CVE-2024-44244
- CVE-2024-44296
- CVE-2024-44308
- CVE-2024-44309
- CVE-2024-54467
- CVE-2024-54479
- CVE-2024-54502
- CVE-2024-54505
- CVE-2024-54508
- CVE-2024-54534
- CVE-2024-54543
- CVE-2024-54551
- CVE-2024-54658
- CVE-2025-24143
- CVE-2025-24150
- CVE-2025-24158
- CVE-2025-24162
- CVE-2025-24201
- CVE-2025-24208
- CVE-2025-24209
- CVE-2025-24213
- CVE-2025-24216
- CVE-2025-24223
- CVE-2025-24264
- CVE-2025-30427
- CVE-2025-31204
- CVE-2025-31205
- CVE-2025-31206
- CVE-2025-31215
- CVE-2025-31257
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server - Extended Life Cycle Support 7
| SRPM | |
|---|---|
| webkitgtk4-2.48.3-2.el7_9.src.rpm | SHA-256: c7d958ee8e3aba20e330aff059beac6b16dadd50fdba4e86856ca9ea02b92635 |
| x86_64 | |
| webkitgtk4-2.48.3-2.el7_9.x86_64.rpm | SHA-256: 21ea1b1218286f3d5265696da7e9a4d5e4c6a7e79868f18c0c01e8d6bd6bc430 |
| webkitgtk4-debuginfo-2.48.3-2.el7_9.x86_64.rpm | SHA-256: 0eba7fd75de64bacdb042ff54766992d3c54c3d9cd543989580a3a81cb2698ac |
| webkitgtk4-devel-2.48.3-2.el7_9.x86_64.rpm | SHA-256: cc2f1546901d580c067367fb69f469dbd8fed9f78725b478be0f10d23f3ff57a |
| webkitgtk4-doc-2.48.3-2.el7_9.noarch.rpm | SHA-256: cb38c8f5f191695c01627d4f2c7c0bf7369bd87306c42ed70cf7d8b005a88231 |
| webkitgtk4-jsc-2.48.3-2.el7_9.x86_64.rpm | SHA-256: 34aae10896bc52cddaec505d37adbddb7be5af171790f1149b358e9f260bf80d |
| webkitgtk4-jsc-devel-2.48.3-2.el7_9.x86_64.rpm | SHA-256: 970e08fb858de90b10ee2392bf0bd15aae097518a03bc3444cff3410a04581ce |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7
| SRPM | |
|---|---|
| webkitgtk4-2.48.3-2.el7_9.src.rpm | SHA-256: c7d958ee8e3aba20e330aff059beac6b16dadd50fdba4e86856ca9ea02b92635 |
| s390x | |
| webkitgtk4-2.48.3-2.el7_9.s390x.rpm | SHA-256: 3a4b30fcd81cb6ebfafd3184041c28dd9e3aceb16b96d27f4c37b008db6490b1 |
| webkitgtk4-debuginfo-2.48.3-2.el7_9.s390x.rpm | SHA-256: 747729277c522898338b7251753a168dff6d12df6b39fe4ccd76e4a51f5d6b13 |
| webkitgtk4-debuginfo-2.48.3-2.el7_9.s390x.rpm | SHA-256: 747729277c522898338b7251753a168dff6d12df6b39fe4ccd76e4a51f5d6b13 |
| webkitgtk4-devel-2.48.3-2.el7_9.s390x.rpm | SHA-256: bae6df14ab2c5f6f299f72635d6c797644070e7387397d7fb26f62cfe9258f36 |
| webkitgtk4-doc-2.48.3-2.el7_9.noarch.rpm | SHA-256: cb38c8f5f191695c01627d4f2c7c0bf7369bd87306c42ed70cf7d8b005a88231 |
| webkitgtk4-jsc-2.48.3-2.el7_9.s390x.rpm | SHA-256: 54038dd6b905616d8df432a4e509634293dd848faed2451260f05009292e3af2 |
| webkitgtk4-jsc-devel-2.48.3-2.el7_9.s390x.rpm | SHA-256: 24952eff7c92e948638e9ab3cd2da8103fe76fdfd44ab6f050cb687796837ba4 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7
| SRPM | |
|---|---|
| webkitgtk4-2.48.3-2.el7_9.src.rpm | SHA-256: c7d958ee8e3aba20e330aff059beac6b16dadd50fdba4e86856ca9ea02b92635 |
| ppc64 | |
| webkitgtk4-doc-2.48.3-2.el7_9.noarch.rpm | SHA-256: cb38c8f5f191695c01627d4f2c7c0bf7369bd87306c42ed70cf7d8b005a88231 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7
| SRPM | |
|---|---|
| webkitgtk4-2.48.3-2.el7_9.src.rpm | SHA-256: c7d958ee8e3aba20e330aff059beac6b16dadd50fdba4e86856ca9ea02b92635 |
| ppc64le | |
| webkitgtk4-doc-2.48.3-2.el7_9.noarch.rpm | SHA-256: cb38c8f5f191695c01627d4f2c7c0bf7369bd87306c42ed70cf7d8b005a88231 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
