openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1331-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2025.1331.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:1331-1)

Resumen: The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2025:1331-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2025:1331-1 advisory.

Vulnerability Insight:
This update for webkit2gtk3 fixes the following issues:

- Update to version 2.48.1
- CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content (bsc#1240962)
- CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a malicious iframe (bsc#1240961)
- CVE-2025-24209: buffer overflow may lead to crash when processing maliciously crafted web content (bsc#1240964)
- CVE-2025-24213: type confusion issue may lead to memory corruption (bsc#1240963)
- CVE-2025-24216: improper memory handling may lead to an unexpected crash when processing certain web content (bsc#1240986)
- CVE-2025-24264: improper memory handling may lead to unexpected crash when processing certain web content (bsc#1240987)
- CVE-2025-30427: use-after-free issue may lead to an unexpected Safari crash when processing maliciously crafted web content (bsc#1240958)

Affected Software/OS:
'webkit2gtk3' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-54551
Common Vulnerability Exposure (CVE) ID: CVE-2025-24208
Common Vulnerability Exposure (CVE) ID: CVE-2025-24209
Common Vulnerability Exposure (CVE) ID: CVE-2025-24213
Common Vulnerability Exposure (CVE) ID: CVE-2025-24216
Common Vulnerability Exposure (CVE) ID: CVE-2025-24264
Common Vulnerability Exposure (CVE) ID: CVE-2025-30427

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2025.1331.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:1331-1)
Resumen:	The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2025:1331-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'webkit2gtk3' package(s) announced via the SUSE-SU-2025:1331-1 advisory. Vulnerability Insight: This update for webkit2gtk3 fixes the following issues: - Update to version 2.48.1 - CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content (bsc#1240962) - CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a malicious iframe (bsc#1240961) - CVE-2025-24209: buffer overflow may lead to crash when processing maliciously crafted web content (bsc#1240964) - CVE-2025-24213: type confusion issue may lead to memory corruption (bsc#1240963) - CVE-2025-24216: improper memory handling may lead to an unexpected crash when processing certain web content (bsc#1240986) - CVE-2025-24264: improper memory handling may lead to unexpected crash when processing certain web content (bsc#1240987) - CVE-2025-30427: use-after-free issue may lead to an unexpected Safari crash when processing maliciously crafted web content (bsc#1240958) Affected Software/OS: 'webkit2gtk3' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-54551 Common Vulnerability Exposure (CVE) ID: CVE-2025-24208 Common Vulnerability Exposure (CVE) ID: CVE-2025-24209 Common Vulnerability Exposure (CVE) ID: CVE-2025-24213 Common Vulnerability Exposure (CVE) ID: CVE-2025-24216 Common Vulnerability Exposure (CVE) ID: CVE-2025-24264 Common Vulnerability Exposure (CVE) ID: CVE-2025-30427
Copyright	Copyright (C) 2025 Greenbone AG