CVE-2025-24143
MEDIUM6.5EPSS 0.16%webkit2gtk - security update
Published: 1/27/2025Modified: 4/28/2026
Description
The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.
Affected packages (4)
- Debian/webkit2gtkfrom 0, < 2.46.6-1~deb11u1
- Debian/webkit2gtkfrom 0, < 2.46.6-1~deb11u1
- Debian/webkit2gtkfrom 0, < 2.46.6-1~deb12u1
- Debian/wpewebkitfrom 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |