{"dataType": "CVE_RECORD", "containers": {"adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "webkitgtk", "platforms": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "webkitgtk-devel", "platforms": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "webkitgtk-doc", "platforms": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "affected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds write due to improper checks to prevent unauthorized actions, causing a break out of Web Content sandbox. \n            This vulnerability is only a risk for servers which utilize a GUI for system administration. This vulnerability can only be exploited when specific packages are used with a graphical interface to process untrusted web content, via GNOME for example.\n            Systems which do not rely on a GUI for system administration (commonly referred to as \"headless\") should confirm that GNOME shell and WebKitGTK are not present on the system.\n\nWebKitGTK3 is no longer used and can therefore be uninstalled without consequence.\n\nWebKitGTK4 is used in Red Hat Enterprise Linux 7 by the following packages: evolution-data-server, glade, gnome-boxes, gnome-initial-setup, gnome-online-accounts, gnome-shell, shotwell, sushi and yelp.\n\nTo mitigate this vulnerability, consider removing certain GNOME packages. Note that uninstalling these packages will break functionality in GNOME, however the server can still be used via the terminal interface."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-03-11T00:00:00Z", "x_subShortName": "redhat_6"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "libwebkit2gtk", "platforms": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "webkitgtk3", "platforms": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "webkitgtk3-devel", "platforms": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "webkitgtk3-doc", "platforms": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "affected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds write due to improper checks to prevent unauthorized actions, causing a break out of Web Content sandbox. \n            This vulnerability is only a risk for servers which utilize a GUI for system administration. This vulnerability can only be exploited when specific packages are used with a graphical interface to process untrusted web content, via GNOME for example.\n            Systems which do not rely on a GUI for system administration (commonly referred to as \"headless\") should confirm that GNOME shell and WebKitGTK are not present on the system.\n\nWebKitGTK3 is no longer used and can therefore be uninstalled without consequence.\n\nWebKitGTK4 is used in Red Hat Enterprise Linux 7 by the following packages: evolution-data-server, glade, gnome-boxes, gnome-initial-setup, gnome-online-accounts, gnome-shell, shotwell, sushi and yelp.\n\nTo mitigate this vulnerability, consider removing certain GNOME packages. Note that uninstalling these packages will break functionality in GNOME, however the server can still be used via the terminal interface."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-03-11T00:00:00Z", "x_subShortName": "redhat_7"}}, {"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"not yet assigned\"}"}}}], "affected": [{"vendor": "debian", "product": "chromium", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-common", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-common-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-headless-shell", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-headless-shell-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-l10n", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-sandbox", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-sandbox-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-shell", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-shell-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "134.0.6998.88-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-javascriptcoregtk-4.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-javascriptcoregtk-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-javascriptcoregtk-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-webkit-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-webkit2-4.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-webkit2-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-18-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-bin-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.1-0-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.1-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-6.0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-6.0-1-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-6.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-37-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.1-0-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.1-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-6.0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-6.0-4-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-6.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkit2gtk-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkit2gtk-driver-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "wpewebkit", "platforms": ["bookworm", "bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-javascriptcoregtk-4.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-webkit2-4.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-18-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-bin-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-37-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkit2gtk-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkit2gtk-driver-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.3-1~deb11u1", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-javascriptcoregtk-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-javascriptcoregtk-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-webkit-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "gir1.2-webkit2-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.0-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.1-0-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-4.1-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-6.0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-6.0-1-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-6.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libjavascriptcoregtk-bin-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.0-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.1-0-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkit2gtk-4.1-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-6.0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-6.0-4-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-6.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwebkitgtk-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwpewebkit-1.0-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwpewebkit-2.0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwpewebkit-2.0-1-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwpewebkit-2.0-dev", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "libwpewebkit-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkit2gtk-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkitgtk-webdriver", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "webkitgtk-webdriver-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "wpewebkit-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "wpewebkit-webdriver", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "wpewebkit-webdriver-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "2.48.0-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-tracker.debian.org/tracker/CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."}], "providerMetadata": {"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian", "dateUpdated": "2025-03-12T00:00:00.000Z", "x_subShortName": "debian"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "almalinux", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-24201", "name": "CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  \n\nSecurity Fix(es):  \n\n  * webkitgtk: out-of-bounds write vulnerability (CVE-2025-24201)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-03-17T00:00:00Z", "x_subShortName": "alma_8"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "almalinux", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-24201", "name": "CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  \n\nSecurity Fix(es):  \n\n  * webkitgtk: out-of-bounds write vulnerability (CVE-2025-24201)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-03-17T00:00:00Z", "x_subShortName": "alma_9"}}, {"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"high\"}"}}}], "affected": [{"vendor": "fedora", "product": "webkitgtk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-1.fc40", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:40"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "webkitgtk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-1.fc41", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:41"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "webkitgtk", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-1.fc42", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:42"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-0c6c204dae"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-80e387cc51"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-b92313b6f2"}], "descriptions": [{"lang": "en", "value": "webkitgtk: out-of-bounds write vulnerability"}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2025-03-21T00:15:51Z", "x_subShortName": "fedora"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"IMPORTANT\"}"}}}], "affected": [{"vendor": "oraclelinux", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://linux.oracle.com/cve/CVE-2025-24201.html"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000006", "shortName": "oraclelinux", "dateUpdated": "2025-03-17T00:00:00Z", "x_subShortName": "oraclelinux"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:2863"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: out-of-bounds write vulnerability (CVE-2025-24201)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-03-11T00:00:00Z", "x_subShortName": "redhat_8"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "redhat", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el9_5", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:2864"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: out-of-bounds write vulnerability (CVE-2025-24201)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-03-11T00:00:00Z", "x_subShortName": "redhat_9"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "rocky", "product": "webkit2gtk3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-devel-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-jsc-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "webkit2gtk3-jsc-devel-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-2.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351802"}], "descriptions": [{"lang": "en", "value": "webkitgtk: out-of-bounds write vulnerability (CVE-2025-24201)"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000004", "shortName": "rocky", "dateUpdated": "2025-05-07T19:11:47Z", "x_subShortName": "rocky"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "WebKitGTK-4.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.1-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-6.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-6_0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkitgtk-6_0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_1-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-soup2-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkitgtk-6_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150400.4.122.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-6.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-6_0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkitgtk-6_0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-soup2-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkitgtk-6_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.1-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_1-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKitWebProcessExtension-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk4-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-6.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-6_0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkitgtk-6_0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-soup2-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkitgtk-6_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.1-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_1-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKitWebProcessExtension-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk4-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk3-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150200.150.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1239547"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201", "name": "Mitre CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000962.html", "name": "RHSA-2025:2863"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000969.html", "name": "RHSA-2025:2864"}, {"url": "https://www.suse.com/security/cve/CVE-2025-24201", "name": "SUSE CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041178.html", "name": "SUSE-SU-2025:02765-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041177.html", "name": "SUSE-SU-2025:02766-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041188.html", "name": "SUSE-SU-2025:02777-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041347.html", "name": "SUSE-SU-2025:02973-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020571.html", "name": "SUSE-SU-2025:0974-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020570.html", "name": "SUSE-SU-2025:0975-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020583.html", "name": "SUSE-SU-2025:0993-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020603.html", "name": "SUSE-SU-2025:1023-1"}, {"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KJC3GUPN6T3FGCOPMOLUI52AMJZNNKNX/", "name": "SUSE-SU-2025:1033-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-April/038918.html", "name": "SUSE-SU-2025:1149-1"}], "descriptions": [{"lang": "en", "value": "\n    An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-03-22T00:00:00Z", "x_subShortName": "suse_server_15"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "WebKitGTK-4.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-6.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-6_0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkitgtk-6_0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-soup2-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkitgtk-6_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.1-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_1-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-desktop-applications:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKitWebProcessExtension-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk4-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.46.6-150600.12.30.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-development-tools:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-6.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-6_0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkitgtk-6_0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-soup2-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkitgtk-6_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-4.1-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_1-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-desktop-applications:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKitWebProcessExtension-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk4-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-150600.12.43.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-development-tools:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1239547"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201", "name": "Mitre CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000962.html", "name": "RHSA-2025:2863"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000969.html", "name": "RHSA-2025:2864"}, {"url": "https://www.suse.com/security/cve/CVE-2025-24201", "name": "SUSE CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041178.html", "name": "SUSE-SU-2025:02765-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041177.html", "name": "SUSE-SU-2025:02766-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041188.html", "name": "SUSE-SU-2025:02777-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041347.html", "name": "SUSE-SU-2025:02973-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020571.html", "name": "SUSE-SU-2025:0974-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020570.html", "name": "SUSE-SU-2025:0975-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020583.html", "name": "SUSE-SU-2025:0993-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020603.html", "name": "SUSE-SU-2025:1023-1"}, {"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KJC3GUPN6T3FGCOPMOLUI52AMJZNNKNX/", "name": "SUSE-SU-2025:1033-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-April/038918.html", "name": "SUSE-SU-2025:1149-1"}], "descriptions": [{"lang": "en", "value": "\n    An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-03-22T00:00:00Z", "x_subShortName": "suse_desktop_15"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "WebKitGTK-4.1-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "WebKitGTK-6.0-lang", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libjavascriptcoregtk-6_0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkit2gtk-4_1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "libwebkitgtk-6_0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-JavaScriptCore-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKit2WebExtension-4_1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "typelib-1_0-WebKitWebProcessExtension-6_0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit-jsc-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit-jsc-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk-4_1-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk3-minibrowser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkit2gtk4-minibrowser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "webkitgtk-6_0-injected-bundles", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.5-160000.1.2", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles:16.0"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1239547"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201", "name": "Mitre CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000962.html", "name": "RHSA-2025:2863"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000969.html", "name": "RHSA-2025:2864"}, {"url": "https://www.suse.com/security/cve/CVE-2025-24201", "name": "SUSE CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041178.html", "name": "SUSE-SU-2025:02765-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041177.html", "name": "SUSE-SU-2025:02766-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041188.html", "name": "SUSE-SU-2025:02777-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041347.html", "name": "SUSE-SU-2025:02973-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020571.html", "name": "SUSE-SU-2025:0974-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020570.html", "name": "SUSE-SU-2025:0975-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020583.html", "name": "SUSE-SU-2025:0993-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020603.html", "name": "SUSE-SU-2025:1023-1"}, {"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KJC3GUPN6T3FGCOPMOLUI52AMJZNNKNX/", "name": "SUSE-SU-2025:1033-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-April/038918.html", "name": "SUSE-SU-2025:1149-1"}], "descriptions": [{"lang": "en", "value": "\n    An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-11-14T00:00:00Z", "x_subShortName": "suse_server_16"}}, {"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"high\"}"}}}], "affected": [{"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-4.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-webkit-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-webkit2-4.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-webkit2-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.0-18", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.0-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-6.0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libwebkit2gtk-4.0-37", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libwebkit2gtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libwebkitgtk-6.0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "webkit2gtk-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.22.04.1", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-webkit-6.0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "gir1.2-webkit2-4.1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.0-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-6.0-1", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-bin", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libwebkit2gtk-4.1-0", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "libwebkitgtk-6.0-4", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "webkit2gtk-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.48.0-0ubuntu0.24.04.1", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "webkit2gtk-driver", "platforms": ["bionic", "focal"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libqt5webkit5", "platforms": ["bionic", "focal", "jammy", "noble", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "qml-module-qtwebkit", "platforms": ["bionic", "focal", "jammy", "noble", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-4.0", "platforms": ["bionic", "focal", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "gir1.2-webkit2-4.0", "platforms": ["bionic", "focal", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.0-18", "platforms": ["bionic", "focal", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-4.0-bin", "platforms": ["bionic", "focal", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkit2gtk-4.0-37", "platforms": ["bionic", "focal", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkit2gtk-4.0-37-gtk2", "platforms": ["bionic", "focal", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "gir1.2-javascriptcoregtk-3.0", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "gir1.2-webkit-3.0", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-1.0-0", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-3.0-0", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libjavascriptcoregtk-3.0-bin", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libqtwebkit-qmlwebkitplugin", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libqtwebkit4", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkitgtk-1.0-0", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkitgtk-3.0-0", "platforms": ["bionic", "xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwpewebkit-1.0-3", "platforms": ["focal", "jammy"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "wpewebkit-driver", "platforms": ["focal", "jammy"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "gir1.2-webkit2-3.0", "platforms": ["xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libqt5webkit5-qmlwebkitplugin", "platforms": ["xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkit2gtk-3.0-25", "platforms": ["xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkitgtk-1.0-common", "platforms": ["xenial"], "defaultStatus": "unknown"}, {"vendor": "canonical", "product": "libwebkitgtk-3.0-common", "platforms": ["xenial"], "defaultStatus": "unknown"}], "references": [{"url": "https://ubuntu.com/security/CVE-2025-24201"}, {"url": "https://ubuntu.com/security/notices/USN-7395-1"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved checks to preventunauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 andiPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4.Maliciously crafted web content may be able to break out of Web Contentsandbox. This is a supplementary fix for an attack that was blocked in iOS17.2. (Apple is aware of a report that this issue may have been exploitedin an extremely sophisticated attack against specific targeted individualson versions of iOS before iOS 17.2.)."}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2025-03-11T18:15:00Z", "x_subShortName": "canonical"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "amazon", "product": "webkitgtk4", "versions": [{"status": "affected", "version": "0", "lessThan": "2.46.6-1.amzn2.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "webkitgtk4-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "2.46.6-1.amzn2.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "webkitgtk4-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "2.46.6-1.amzn2.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "webkitgtk4-jsc", "versions": [{"status": "affected", "version": "0", "lessThan": "2.46.6-1.amzn2.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "webkitgtk4-jsc-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "2.46.6-1.amzn2.0.2", "versionType": "rpm"}], "defaultStatus": "unaffected"}], "references": [{"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000000", "shortName": "alas", "dateUpdated": "2025-05-21T19:40:00Z", "x_subShortName": "alas_2"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "solutions": [{"lang": "en", "value": "SUSE bug 1239547"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201", "name": "Mitre CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000962.html", "name": "RHSA-2025:2863"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/000969.html", "name": "RHSA-2025:2864"}, {"url": "https://www.suse.com/security/cve/CVE-2025-24201", "name": "SUSE CVE-2025-24201"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041178.html", "name": "SUSE-SU-2025:02765-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041177.html", "name": "SUSE-SU-2025:02766-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041188.html", "name": "SUSE-SU-2025:02777-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041347.html", "name": "SUSE-SU-2025:02973-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020571.html", "name": "SUSE-SU-2025:0974-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020570.html", "name": "SUSE-SU-2025:0975-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020583.html", "name": "SUSE-SU-2025:0993-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020603.html", "name": "SUSE-SU-2025:1023-1"}, {"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KJC3GUPN6T3FGCOPMOLUI52AMJZNNKNX/", "name": "SUSE-SU-2025:1033-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-April/038918.html", "name": "SUSE-SU-2025:1149-1"}], "descriptions": [{"lang": "en", "value": "\n    An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-03-27T00:00:00Z", "x_subShortName": "suse_server_12"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "safari", "versions": [{"status": "affected", "version": "0", "lessThan": "18.3.1", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "ipados", "versions": [{"status": "affected", "version": "15.8", "lessThan": "15.8.4", "versionType": "custom"}, {"status": "affected", "version": "16.7", "lessThan": "16.7.11", "versionType": "custom"}, {"status": "affected", "version": "17.0", "lessThan": "17.7.6", "versionType": "custom"}, {"status": "affected", "version": "18.0", "lessThan": "18.3.2", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "iphone_os", "versions": [{"status": "affected", "version": "15.8", "lessThan": "15.8.4", "versionType": "custom"}, {"status": "affected", "version": "16.7", "lessThan": "16.7.11", "versionType": "custom"}, {"status": "affected", "version": "17.0", "lessThan": "18.3.2", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "macos", "versions": [{"status": "affected", "version": "15.0", "lessThan": "15.3.2", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "visionos", "versions": [{"status": "affected", "version": "0", "lessThan": "2.3.2", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "watchos", "versions": [{"status": "affected", "version": "0", "lessThan": "11.4", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"], "vendor": "debian", "product": "debian_linux", "versions": [{"status": "affected", "version": "11.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/cisagov/vulnrichment/issues/194", "tags": ["issue-tracking"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html", "tags": ["mailing-list"]}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/16", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/7", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Jun/19", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Mar/2", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Mar/3", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Mar/4", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Mar/5", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Oct/1", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "http://seclists.org/fulldisclosure/2025/Oct/31", "tags": ["mailing-list", "third-party-advisory"]}, {"url": "https://support.apple.com/en-us/122281", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122283", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122284", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122285", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122345", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122346", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122372", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/122376", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201", "tags": ["third-party-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24201", "tags": ["x_us-government-resource"]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."}, {"lang": "es", "value": "Se solucionó un problema de escritura fuera de los límites mediante comprobaciones mejoradas para evitar acciones no autorizadas. Este problema se solucionó en visionOS 2.3.2, iOS 18.3.2 y iPadOS 18.3.2, macOS Sequoia 15.3.2 y Safari 18.3.1. El contenido web malintencionado podría vulnerar la zona protegida de contenido web. Esta es una solución complementaria para un ataque bloqueado en iOS 17.2. (Apple tiene conocimiento de un informe que indica que este problema podría haber sido explotado en un ataque extremadamente sofisticado contra individuos específicos en versiones de iOS anteriores a iOS 17.2)."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-787", "description": "CWE-787"}]}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2025-03-11T18:15:30Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2025-24201", "state": "PUBLISHED", "dateUpdated": "2026-04-03T11:45:20Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-03-11T18:15:30Z", "assignerShortName": "apple"}, "dataVersion": "5.0"}