RLSA-2025:13780

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

• angle: insufficient input validation can cause undefined behavior (CVE-2025-6558)

• webkitgtk: A download?s origin may be incorrectly associated (CVE-2025-43240)

• webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31273)

• webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31278)

• webkitgtk: Processing web content may lead to a denial-of-service (CVE-2025-43211)

• webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43212)

• webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43216)

• webkitgtk: Processing maliciously crafted web content may disclose sensitive user information (CVE-2025-43227)

• webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-43265)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.