{ "schema_version": "1.6.2", "id": "MGASA-2025-0331", "published": "2025-12-21T04:11:33Z", "modified": "2025-12-21T03:34:48Z", "summary": "Updated webkit2 packages fix security vulnerabilities", "details": "CVE-2025-43501 Processing maliciously crafted web content may lead to an\nunexpected process crash. Description: A buffer overflow issue was\naddressed with improved memory handling.\nVE-2025-43531Processing maliciously crafted web content may lead to an\nunexpected process crash. Description: A race condition was addressed\nwith improved state handling.\nCVE-2025-43535 Processing maliciously crafted web content may lead to an\nunexpected process crash. Description: The issue was addressed with\nimproved memory handling.\nCVE-2025-43536 Processing maliciously crafted web content may lead to an\nunexpected process crash. Description: A use-after-free issue was\naddressed with improved memory management.\n", "related": [ "CVE-2025-43501", "CVE-2025-43531", "CVE-2025-43535", "CVE-2025-43536" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2025-0331.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=34866" }, { "type": "REPORT", "url": "https://webkitgtk.org/security/WSA-2025-0010.html" }, { "type": "REPORT", "url": "https://webkitgtk.org/2025/12/16/webkitgtk2.50.4-released.html" } ], "affected": [ { "package": { "ecosystem": "Mageia:9", "name": "webkit2", "purl": "pkg:rpm/mageia/webkit2?arch=source&distro=mageia-9" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.50.4-1.mga9" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }