Issued:: 2025-06-04
Updated:: 2025-06-04

RHSA-2025:8530 - Security Advisory

Overview
Updated Packages

Synopsis

Important: webkit2gtk3 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

webkitgtk: A malicious website may exfiltrate data cross-origin

(CVE-2025-31205)

webkitgtk: Processing maliciously crafted web content may lead to an

unexpected Safari crash (CVE-2025-31257)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.4 x86_64

Fixes

BZ - 2366501 - CVE-2025-31205 webkitgtk: A malicious website may exfiltrate data cross-origin
BZ - 2366504 - CVE-2025-31257 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
webkit2gtk3-2.48.2-1.el8_4.src.rpm	SHA-256: ddf80260c1469e74ffca98e39b46c7b3fc37b169acfd43869d9b22651108d0cb
x86_64
webkit2gtk3-2.48.2-1.el8_4.i686.rpm	SHA-256: 110c835d70a106969771eaa5744c1bb39c7936c5094dc94fd16cccd4523c810d
webkit2gtk3-2.48.2-1.el8_4.x86_64.rpm	SHA-256: 1f9b668f11d7e2b513af02631d61629090d34fb722fe8f2e238d93092f9d0bc4
webkit2gtk3-debuginfo-2.48.2-1.el8_4.i686.rpm	SHA-256: 733aa604973ee1fbc9fe6187e952525f566e6ed50b2991a2301d824651caff34
webkit2gtk3-debuginfo-2.48.2-1.el8_4.x86_64.rpm	SHA-256: d79f272b67dba766fd638a553f269dba71c3214e292326878ee01203f53664cc
webkit2gtk3-debugsource-2.48.2-1.el8_4.i686.rpm	SHA-256: 2ec5c23fd09dee841e20ceca1ba2b995235519fba4916d6424610cd2cdcb6fb3
webkit2gtk3-debugsource-2.48.2-1.el8_4.x86_64.rpm	SHA-256: a6cf7b64b3ce8704dfd9878efa90086703b21dbb47b83d6845f686181c0d7e24
webkit2gtk3-devel-2.48.2-1.el8_4.i686.rpm	SHA-256: 8770458ebe8ae2f0d6ed138a52099ead9e711eef9f21014097ff63f7a8848f2a
webkit2gtk3-devel-2.48.2-1.el8_4.x86_64.rpm	SHA-256: 3fc91e88d75df07adcf99630f992595decca3b6124c1d3223cf3c9698e5e0662
webkit2gtk3-devel-debuginfo-2.48.2-1.el8_4.i686.rpm	SHA-256: 1057739b1cc64888ac2a1f3bb971102ed25efde4ccb968f127d530586c2df7de
webkit2gtk3-devel-debuginfo-2.48.2-1.el8_4.x86_64.rpm	SHA-256: 103797e58dc54c5ac140bdb5e5d193bae7ef46e4b098bedd089f34963f99898f
webkit2gtk3-jsc-2.48.2-1.el8_4.i686.rpm	SHA-256: 52775cad65b6b1ecbf6990b572d561b5c944860f092a33f481f0b045680a8fe9
webkit2gtk3-jsc-2.48.2-1.el8_4.x86_64.rpm	SHA-256: 547ed6a2aff6acb0a3720e16fdc929ce5cad3c499ce7b684f6991f041c134f63
webkit2gtk3-jsc-debuginfo-2.48.2-1.el8_4.i686.rpm	SHA-256: a48782d8dea0f1376784c6162e0f61108c28095b63bca5f93d6dcebb585cfc42
webkit2gtk3-jsc-debuginfo-2.48.2-1.el8_4.x86_64.rpm	SHA-256: 51bdcf69bb3f9af3f2ea89d70a9047c5b4886423bd53c1fec7a27492a0a280ed
webkit2gtk3-jsc-devel-2.48.2-1.el8_4.i686.rpm	SHA-256: 2477b079c49deaddedde06d77cc5c492b660e276ef1fe8199d0536648709ef0f
webkit2gtk3-jsc-devel-2.48.2-1.el8_4.x86_64.rpm	SHA-256: eae73a98d0c1e35df6a8f38b4e56de5ca5ea8cfbaa0ceb0bccd3d775e3a07656
webkit2gtk3-jsc-devel-debuginfo-2.48.2-1.el8_4.i686.rpm	SHA-256: 05da39f9f0f456838d69ffaa075bd6430440e5a40654c9bcd6cb392889927093
webkit2gtk3-jsc-devel-debuginfo-2.48.2-1.el8_4.x86_64.rpm	SHA-256: 0553249f61a5c90ac7d41960633992f380c5a4db903eb8a8fb8f73432c41b079

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation