ALSA-2025:13780

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

• angle: insufficient input validation can cause undefined behavior (CVE-2025-6558)
• webkitgtk: A download?s origin may be incorrectly associated (CVE-2025-43240)
• webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31273)
• webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31278)
• webkitgtk: Processing web content may lead to a denial-of-service (CVE-2025-43211)
• webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43212)
• webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43216)
• webkitgtk: Processing maliciously crafted web content may disclose sensitive user information (CVE-2025-43227)
• webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-43265)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.