rpm package

suse/webkit2gtk3-soup2&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Vulnerabilities (94)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2023-43010		—		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Mar 12, 2026	The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-20676	Med	5.3		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Feb 11, 2026	This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.
CVE-2026-20652	Hig	7.5		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Feb 11, 2026	The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service.
CVE-2026-20644	Med	6.5		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Feb 11, 2026	The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-20636	Med	6.5		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Feb 11, 2026	The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-20635	Med	4.3		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Feb 11, 2026	The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected proces
CVE-2026-20608	Med	5.5		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Feb 11, 2026	This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-46299	Med	4.3		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Jan 9, 2026	A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app.
CVE-2025-43536	Med	4.3		< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 17, 2025	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43531	Low	3.1		< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 17, 2025	A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected
CVE-2025-43529	Hig	8.8	KEV	< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 17, 2025	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to arbit
CVE-2025-43535		—		< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 17, 2025	The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43541		—		< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 17, 2025	A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43501		—		< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 17, 2025	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43511	Med	6.5		< 2.52.0-150400.4.137.3	2.52.0-150400.4.137.3	Dec 12, 2025	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected pr
CVE-2025-14174		—	KEV	< 2.50.4-150400.4.134.1	2.50.4-150400.4.134.1	Dec 12, 2025	Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2025-66287	Hig	8.8		< 2.50.3-150400.4.130.4	2.50.3-150400.4.130.4	Dec 4, 2025	A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
CVE-2025-13947	Hig	7.4		< 2.50.3-150400.4.130.4	2.50.3-150400.4.130.4	Dec 3, 2025	A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside th
CVE-2025-13502	Hig	7.5		< 2.50.3-150400.4.130.4	2.50.3-150400.4.130.4	Nov 25, 2025	A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server.
CVE-2023-43000		—	KEV	< 2.50.3-150400.4.130.4	2.50.3-150400.4.130.4	Nov 5, 2025	A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.

CVE-2023-43010Mar 12, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-20676MedFeb 11, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.
CVE-2026-20652HigFeb 11, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service.
CVE-2026-20644MedFeb 11, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-20636MedFeb 11, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-20635MedFeb 11, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected proces
CVE-2026-20608MedFeb 11, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-46299MedJan 9, 2026
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app.
CVE-2025-43536MedDec 17, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43531LowDec 17, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected
CVE-2025-43529HigKEVDec 17, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to arbit
CVE-2025-43535Dec 17, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43541Dec 17, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43501Dec 17, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43511MedDec 12, 2025
affected < 2.52.0-150400.4.137.3fixed 2.52.0-150400.4.137.3
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected pr
CVE-2025-14174KEVDec 12, 2025
affected < 2.50.4-150400.4.134.1fixed 2.50.4-150400.4.134.1
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2025-66287HigDec 4, 2025
affected < 2.50.3-150400.4.130.4fixed 2.50.3-150400.4.130.4
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
CVE-2025-13947HigDec 3, 2025
affected < 2.50.3-150400.4.130.4fixed 2.50.3-150400.4.130.4
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside th
CVE-2025-13502HigNov 25, 2025
affected < 2.50.3-150400.4.130.4fixed 2.50.3-150400.4.130.4
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server.
CVE-2023-43000KEVNov 5, 2025
affected < 2.50.3-150400.4.130.4fixed 2.50.3-150400.4.130.4
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.

Page 1 of 5