Skip to main content

WebKitGTK. Processing EUVDEUVD-2025-201244

| CVE-2025-66287 HIGH
Classic Buffer Overflow (CWE-120)
2025-12-04 secalert@redhat.com
8.8
CVSS 3.1 · Vendor: redhat
Share

Severity by source

Vendor (redhat) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Ubuntu
MEDIUM
qualitative
SUSE
HIGH
qualitative
Red Hat
8.8 HIGH
qualitative

Primary rating from Vendor (redhat).

CVSS VectorVendor: redhat

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 15, 2026 - 16:35 euvd
EUVD-2025-201244
Analysis Generated
Mar 15, 2026 - 16:35 vuln.today
CVE Published
Dec 04, 2025 - 17:15 nvd
HIGH 8.8

DescriptionCVE.org

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.

Analysis

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.

Technical ContextAI

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state. This vulnerability is classified as Classic Buffer Overflow (CWE-120).

RemediationAI

Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

Vendor StatusVendor

Ubuntu

Priority: Medium
webkitgtk
Release Status Version
xenial ignored -
bionic ignored -
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
webkit2gtk
Release Status Version
xenial ignored -
bionic ignored -
focal ignored -
jammy released 2.50.3-0ubuntu0.22.04.1
upstream released 2.50.3
noble released 2.50.3-0ubuntu0.24.04.1
plucky released 2.50.3-0ubuntu0.25.04.1
questing released 2.50.3-0ubuntu0.25.10.1
qtwebkit-source
Release Status Version
xenial ignored -
bionic ignored -
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
qtwebkit-opensource-src
Release Status Version
xenial ignored -
bionic ignored -
focal ignored -
jammy ignored -
noble ignored -
plucky DNE -
questing DNE -
upstream needs-triage -
wpewebkit
Release Status Version
focal ignored -
jammy ignored -
noble DNE -
plucky DNE -
questing DNE -
upstream released 2.50.3-1

Debian

webkit2gtk
Release Status Fixed Version Urgency
bullseye fixed 2.50.3-1~deb11u1 -
bullseye (security) fixed 2.50.4-1~deb11u1 -
bookworm, bookworm (security) fixed 2.50.4-1~deb12u1 -
trixie (security), trixie fixed 2.50.4-1~deb13u1 -
forky fixed 2.50.5-1 -
sid fixed 2.50.6-1 -
bookworm fixed 2.50.3-1~deb12u1 -
trixie fixed 2.50.3-1~deb13u1 -
(unstable) fixed 2.50.3-1 -
wpewebkit
Release Status Fixed Version Urgency
bullseye (security), bullseye vulnerable 2.38.6-1~deb11u1 -
bookworm vulnerable 2.38.6-1 -
trixie vulnerable 2.48.3-1 -
forky fixed 2.50.5-1 -
sid fixed 2.50.6-1 -
bullseye fixed (unfixed) end-of-life
(unstable) fixed 2.50.3-1 -

SUSE

Severity: High
Product Status
Container suse/sl-micro/6.0/baremetal-os-container:latest Container suse/sl-micro/6.0/base-os-container:latest Container suse/sl-micro/6.0/toolbox:latest Container suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.2 Container suse/sl-micro/6.1/base-os-container:2.2.0-4.55 Image SL-Micro Image SL-Micro-Azure Image SL-Micro-BYOS-Azure Image SL-Micro-BYOS-EC2 Image SL-Micro-BYOS-GCE Image SL-Micro-Base Image SL-Micro-Base-RT Image SL-Micro-Base-RT-SelfInstall Image SL-Micro-Base-RT-encrypted Image SL-Micro-Base-SelfInstall Image SL-Micro-Base-encrypted Image SL-Micro-Base-qcow Image SL-Micro-Default Image SL-Micro-Default-SelfInstall Image SL-Micro-Default-encrypted Image SL-Micro-Default-qcow Image SL-Micro-EC2 Image SLE-Micro Image SLE-Micro-Azure Image SLE-Micro-BYOS Image SLE-Micro-BYOS-Azure Image SLE-Micro-BYOS-EC2 Image SLE-Micro-BYOS-GCE Image SLE-Micro-EC2 Image SLE-Micro-GCE Image SUSE-Multi-Linux-Manager-Proxy-BYOS-Azure Image SUSE-Multi-Linux-Manager-Proxy-BYOS-EC2 Image SUSE-Multi-Linux-Manager-Proxy-BYOS-GCE Image SUSE-Multi-Linux-Manager-Server-Azure-llc Image SUSE-Multi-Linux-Manager-Server-Azure-ltd Image SUSE-Multi-Linux-Manager-Server-BYOS-Azure Image SUSE-Multi-Linux-Manager-Server-BYOS-EC2 Image SUSE-Multi-Linux-Manager-Server-BYOS-GCE Image SUSE-Multi-Linux-Manager-Server-EC2-llc Image SUSE-Multi-Linux-Manager-Server-EC2-ltd Affected
SUSE Liberty Linux 8 Fixed
SUSE Liberty Linux 9 Fixed
SUSE Linux Enterprise Desktop 15 SP6 SUSE Linux Enterprise High Performance Computing 15 SP6 SUSE Linux Enterprise Server 15 SP6 Fixed
SUSE Linux Enterprise Desktop 15 SP7 SUSE Linux Enterprise High Performance Computing 15 SP7 SUSE Linux Enterprise Server 15 SP7 SUSE Linux Enterprise Server for SAP Applications 15 SP7 Fixed

Share

EUVD-2025-201244 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy