vulnerability
Oracle Linux: CVE-2025-43356: ELSA-2025-17802: webkit2gtk3 security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:C/I:N/A:N) | Sep 23, 2025 | Oct 14, 2025 | Nov 28, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:C/I:N/A:N)
Published
Sep 23, 2025
Added
Oct 14, 2025
Modified
Nov 28, 2025
Description
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.
A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches.
A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches.
Solutions
oracle-linux-upgrade-webkit2gtk3oracle-linux-upgrade-webkit2gtk3-develoracle-linux-upgrade-webkit2gtk3-jscoracle-linux-upgrade-webkit2gtk3-jsc-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.