UBUNTU-CVE-2025-24201
- Source
- https://ubuntu.com/security/CVE-2025-24201
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-24201.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-24201
- Upstream
- Downstream
- Related
- Published
- 2025-03-11T18:15:00Z
- Modified
- 2025-09-08T17:08:11Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - high
- Summary
- [none]
- Details
-
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
- References
Affected packages
Ubuntu:Pro:16.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.5.1+dfsg-2ubuntu1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqt5webkit5",
"binary_version": "5.5.1+dfsg-2ubuntu1"
},
{
"binary_name": "libqt5webkit5-dev",
"binary_version": "5.5.1+dfsg-2ubuntu1"
},
{
"binary_name": "libqt5webkit5-qmlwebkitplugin",
"binary_version": "5.5.1+dfsg-2ubuntu1"
},
{
"binary_name": "qml-module-qtwebkit",
"binary_version": "5.5.1+dfsg-2ubuntu1"
},
{
"binary_name": "qtwebkit5-doc-html",
"binary_version": "5.5.1+dfsg-2ubuntu1"
}
]
}
Ubuntu:Pro:16.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.20.5-0ubuntu0.16.04.1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.8.5+dfsg1-3
2.10.3+dfsg1-1
2.10.4+dfsg1-1
2.10.5-1
2.10.6-1
2.10.6-1ubuntu1
2.10.8-1ubuntu1
2.10.9-1ubuntu1
2.12.5-0ubuntu0.16.04.1
2.14.2-0ubuntu0.16.04.1
2.14.3-0ubuntu0.16.04.1
2.14.5-0ubuntu0.16.04.1
2.16.1-0ubuntu0.16.04.1
2.16.1-0ubuntu0.16.04.2
2.16.2-0ubuntu0.16.04.1
2.16.3-0ubuntu0.16.04.1
2.16.6-0ubuntu0.16.04.1
2.18.0-0ubuntu0.16.04.2
2.18.3-0ubuntu0.16.04.1
2.18.4-0ubuntu0.16.04.1
2.18.5-0ubuntu0.16.04.1
2.18.6-0ubuntu0.16.04.1
2.20.1-0ubuntu0.16.04.1
2.20.2-0ubuntu0.16.04.1
2.20.3-0ubuntu0.16.04.1
2.20.5-0ubuntu0.16.04.1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-4.0",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.0",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-18",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-dev",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37-gtk2",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-dev",
"binary_version": "2.20.5-0ubuntu0.16.04.1"
}
]
}
Ubuntu:Pro:16.04:LTS / qtwebkit-source
Package
- Name
- qtwebkit-source
- Purl
- pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqtwebkit-dev",
"binary_version": "2.3.2-0ubuntu11"
},
{
"binary_name": "libqtwebkit-qmlwebkitplugin",
"binary_version": "2.3.2-0ubuntu11"
},
{
"binary_name": "libqtwebkit4",
"binary_version": "2.3.2-0ubuntu11"
}
]
}
Ubuntu:Pro:16.04:LTS / webkitgtk
Package
- Name
- webkitgtk
- Purl
- pkg:deb/ubuntu/webkitgtk@2.4.11-0ubuntu0.1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-3.0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "gir1.2-webkit-3.0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "gir1.2-webkit2-3.0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libjavascriptcoregtk-1.0-0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libjavascriptcoregtk-1.0-dev",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libjavascriptcoregtk-3.0-0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libjavascriptcoregtk-3.0-bin",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libjavascriptcoregtk-3.0-dev",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkit-dev",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkit2gtk-3.0-25",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkit2gtk-3.0-dev",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-1.0-0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-1.0-common",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-3.0-0",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-3.0-common",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-3.0-dev",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-common-dev",
"binary_version": "2.4.11-0ubuntu0.1"
},
{
"binary_name": "libwebkitgtk-dev",
"binary_version": "2.4.11-0ubuntu0.1"
}
]
}
Ubuntu:Pro:18.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.32.4-0ubuntu0.18.04.1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.18.0-2
2.18.0-2build1
2.18.2-1
2.18.3-1
2.18.4-1
2.18.6-1
2.19.91-1ubuntu1
2.19.92-1
2.20.0-1
2.20.0-2
2.20.0-2ubuntu1
2.20.1-1
2.20.2-0ubuntu0.18.04.1
2.20.3-0ubuntu0.18.04.1
2.20.5-0ubuntu0.18.04.1
2.22.2-0ubuntu0.18.04.1
2.22.2-0ubuntu0.18.04.2
2.22.4-0ubuntu0.18.04.1
2.22.5-0ubuntu0.18.04.1
2.22.6-0ubuntu0.18.04.1
2.24.1-0ubuntu0.18.04.1
2.24.2-0ubuntu0.18.04.1
2.24.4-0ubuntu0.18.04.1
2.26.1-0ubuntu0.18.04.1
2.26.2-0ubuntu0.18.04.1
2.26.3-0ubuntu0.18.04.1
2.26.4-0ubuntu0.18.04.1
2.28.0-0ubuntu0.18.04.3
2.28.1-0ubuntu0.18.04.1
2.28.2-0ubuntu0.18.04.1
2.28.3-0ubuntu0.18.04.1
2.28.4-0ubuntu0.18.04.1
2.30.3-0ubuntu0.18.04.1
2.30.5-0ubuntu0.18.04.1
2.30.6-0ubuntu0.18.04.1
2.32.0-0ubuntu0.18.04.1
2.32.3-0ubuntu0.18.04.1
2.32.4-0ubuntu0.18.04.1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-4.0",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.0",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-18",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-dev",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37-gtk2",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-dev",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
},
{
"binary_name": "webkit2gtk-driver",
"binary_version": "2.32.4-0ubuntu0.18.04.1"
}
]
}
Ubuntu:Pro:18.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha2-7ubuntu1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.9.1+dfsg-5ubuntu1
5.9.1+dfsg-5ubuntu3
5.212.0~alpha2-5build2
5.212.0~alpha2-5build4
5.212.0~alpha2-7
5.212.0~alpha2-7build2
5.212.0~alpha2-7ubuntu1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqt5webkit5",
"binary_version": "5.212.0~alpha2-7ubuntu1"
},
{
"binary_name": "libqt5webkit5-dev",
"binary_version": "5.212.0~alpha2-7ubuntu1"
},
{
"binary_name": "qml-module-qtwebkit",
"binary_version": "5.212.0~alpha2-7ubuntu1"
},
{
"binary_name": "qtwebkit5-doc-html",
"binary_version": "5.212.0~alpha2-7ubuntu1"
}
]
}
Ubuntu:Pro:18.04:LTS / qtwebkit-source
Package
- Name
- qtwebkit-source
- Purl
- pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu13?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqtwebkit-dev",
"binary_version": "2.3.2-0ubuntu13"
},
{
"binary_name": "libqtwebkit-qmlwebkitplugin",
"binary_version": "2.3.2-0ubuntu13"
},
{
"binary_name": "libqtwebkit4",
"binary_version": "2.3.2-0ubuntu13"
}
]
}
Ubuntu:Pro:18.04:LTS / webkitgtk
Package
- Name
- webkitgtk
- Purl
- pkg:deb/ubuntu/webkitgtk@2.4.11-3ubuntu3?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-3.0",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "gir1.2-webkit-3.0",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libjavascriptcoregtk-1.0-0",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libjavascriptcoregtk-1.0-dev",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libjavascriptcoregtk-3.0-0",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libjavascriptcoregtk-3.0-bin",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libjavascriptcoregtk-3.0-dev",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libwebkitgtk-1.0-0",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libwebkitgtk-3.0-0",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libwebkitgtk-3.0-dev",
"binary_version": "2.4.11-3ubuntu3"
},
{
"binary_name": "libwebkitgtk-dev",
"binary_version": "2.4.11-3ubuntu3"
}
]
}
Ubuntu:Pro:20.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.38.6-0ubuntu0.20.04.1?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.26.1-3
2.26.2-1
2.26.3-1ubuntu2
2.26.4-1ubuntu1
2.28.0-1ubuntu2
2.28.1-1
2.28.2-0ubuntu0.20.04.1
2.28.3-0ubuntu0.20.04.1
2.28.4-0ubuntu0.20.04.1
2.30.3-0ubuntu0.20.04.1
2.30.5-0ubuntu0.20.04.1
2.30.6-0ubuntu0.20.04.1
2.32.0-0ubuntu0.20.04.1
2.32.3-0ubuntu0.20.04.1
2.32.4-0ubuntu0.20.04.1
2.34.1-0ubuntu0.20.04.1
2.34.3-0ubuntu0.20.04.1
2.34.4-0ubuntu0.20.04.1
2.34.6-0ubuntu0.20.04.1
2.36.0-0ubuntu0.20.04.3
2.36.2-0ubuntu0.20.04.1
2.36.3-0ubuntu0.20.04.1
2.36.4-0ubuntu0.20.04.1
2.36.6-0ubuntu0.20.04.1
2.36.7-0ubuntu0.20.04.1
2.36.8-0ubuntu0.20.04.1
2.38.2-0ubuntu0.20.04.1
2.38.3-0ubuntu0.20.04.1
2.38.4-0ubuntu0.20.04.2
2.38.5-0ubuntu0.20.04.1
2.38.6-0ubuntu0.20.04.1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-4.0",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.0",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-18",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-dev",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37-gtk2",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-dev",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
},
{
"binary_name": "webkit2gtk-driver",
"binary_version": "2.38.6-0ubuntu0.20.04.1"
}
]
}
Ubuntu:Pro:20.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha4-1ubuntu2.1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.212.0~alpha3-3
5.212.0~alpha3-5
5.212.0~alpha3-6
5.212.0~alpha3-7
5.212.0~alpha4-1
5.212.0~alpha4-1ubuntu1
5.212.0~alpha4-1ubuntu2
5.212.0~alpha4-1ubuntu2.1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqt5webkit5",
"binary_version": "5.212.0~alpha4-1ubuntu2.1"
},
{
"binary_name": "libqt5webkit5-dev",
"binary_version": "5.212.0~alpha4-1ubuntu2.1"
},
{
"binary_name": "qml-module-qtwebkit",
"binary_version": "5.212.0~alpha4-1ubuntu2.1"
}
]
}
Ubuntu:Pro:20.04:LTS / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/ubuntu/wpewebkit@2.28.1-1?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha4-15ubuntu1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.212.0~alpha4-12
5.212.0~alpha4-13
5.212.0~alpha4-14
5.212.0~alpha4-14build1
5.212.0~alpha4-14ubuntu2
5.212.0~alpha4-15ubuntu1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqt5webkit5",
"binary_version": "5.212.0~alpha4-15ubuntu1"
},
{
"binary_name": "libqt5webkit5-dev",
"binary_version": "5.212.0~alpha4-15ubuntu1"
},
{
"binary_name": "qml-module-qtwebkit",
"binary_version": "5.212.0~alpha4-15ubuntu1"
}
]
}
Ubuntu:22.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.48.0-0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.48.0-0ubuntu0.22.04.1
Affected versions
2.*
2.34.0-1ubuntu1
2.34.1-1ubuntu1
2.34.2-1ubuntu1
2.34.3-1
2.35.3-1ubuntu1
2.35.90-1ubuntu1
2.36.0-2ubuntu1
2.36.2-0ubuntu0.22.04.1
2.36.3-0ubuntu0.22.04.1
2.36.4-0ubuntu0.22.04.1
2.36.6-0ubuntu0.22.04.1
2.36.7-0ubuntu0.22.04.1
2.36.8-0ubuntu0.22.04.1
2.38.2-0ubuntu0.22.04.2
2.38.3-0ubuntu0.22.04.1
2.38.4-0ubuntu0.22.04.1
2.38.5-0ubuntu0.22.04.1
2.38.6-0ubuntu0.22.04.1
2.40.4-0ubuntu0.22.04.1
2.40.5-0ubuntu0.22.04.1
2.42.1-0ubuntu0.22.04.1
2.42.2-0ubuntu0.22.04.1
2.42.3-0ubuntu0.22.04.1
2.42.4-0ubuntu0.22.04.1
2.42.5-0ubuntu0.22.04.2
2.44.0-0ubuntu0.22.04.1
2.44.2-0ubuntu0.22.04.1
2.44.3-0ubuntu0.22.04.1
2.46.1-0ubuntu0.22.04.3
2.46.3-0ubuntu0.22.04.1
2.46.4-0ubuntu0.22.04.1
2.46.5-0ubuntu0.22.04.1
2.46.6-0ubuntu0.22.04.1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-4.0",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "gir1.2-javascriptcoregtk-4.1",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "gir1.2-javascriptcoregtk-6.0",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "gir1.2-webkit-6.0",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.0",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.1",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-18",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-dev",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.1-0",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.1-dev",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-6.0-1",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libjavascriptcoregtk-6.0-dev",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-37",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libwebkit2gtk-4.0-dev",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libwebkit2gtk-4.1-0",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libwebkit2gtk-4.1-dev",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libwebkitgtk-6.0-4",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "libwebkitgtk-6.0-dev",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
},
{
"binary_name": "webkit2gtk-driver",
"binary_version": "2.48.0-0ubuntu0.22.04.1"
}
],
"availability": "No subscription required"
}
Ubuntu:22.04:LTS / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/ubuntu/wpewebkit@2.36.0-2ubuntu3?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.32.4-1
2.34.1-1
2.34.2-1
2.34.3-1
2.34.4-1
2.34.5-1
2.34.6-1
2.36.0-2ubuntu2
2.36.0-2ubuntu3
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libwpewebkit-1.0-3",
"binary_version": "2.36.0-2ubuntu3"
},
{
"binary_name": "libwpewebkit-1.0-dev",
"binary_version": "2.36.0-2ubuntu3"
},
{
"binary_name": "wpewebkit-driver",
"binary_version": "2.36.0-2ubuntu3"
}
]
}
Ubuntu:24.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha4-36?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.212.0~alpha4-33
5.212.0~alpha4-33build1
5.212.0~alpha4-34
5.212.0~alpha4-34ubuntu3
5.212.0~alpha4-34ubuntu4
5.212.0~alpha4-36
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "libqt5webkit5",
"binary_version": "5.212.0~alpha4-36"
},
{
"binary_name": "libqt5webkit5-dev",
"binary_version": "5.212.0~alpha4-36"
},
{
"binary_name": "qml-module-qtwebkit",
"binary_version": "5.212.0~alpha4-36"
}
]
}
Ubuntu:24.04:LTS / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/ubuntu/webkit2gtk@2.48.0-0ubuntu0.24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.48.0-0ubuntu0.24.04.1
Affected versions
2.*
2.42.1-2
2.42.2-1
2.42.3-1
2.42.4-1
2.43.3-1
2.43.3-1build2
2.44.0-2
2.44.2-0ubuntu0.24.04.1
2.44.2-0ubuntu0.24.04.2
2.44.3-0ubuntu0.24.04.1
2.46.1-0ubuntu0.24.04.1
2.46.3-0ubuntu0.24.04.1
2.46.4-0ubuntu0.24.04.1
2.46.5-0ubuntu0.24.04.1
2.46.6-0ubuntu0.24.04.1
Ecosystem specific
{
"priority_reason": "CVE is in CISA KEV list",
"binaries": [
{
"binary_name": "gir1.2-javascriptcoregtk-4.1",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "gir1.2-javascriptcoregtk-6.0",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "gir1.2-webkit-6.0",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "gir1.2-webkit2-4.1",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.0-bin",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.1-0",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libjavascriptcoregtk-4.1-dev",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libjavascriptcoregtk-6.0-1",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libjavascriptcoregtk-6.0-dev",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libjavascriptcoregtk-bin",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libwebkit2gtk-4.1-0",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libwebkit2gtk-4.1-dev",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libwebkitgtk-6.0-4",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "libwebkitgtk-6.0-dev",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
},
{
"binary_name": "webkit2gtk-driver",
"binary_version": "2.48.0-0ubuntu0.24.04.1"
}
],
"availability": "No subscription required"
}