Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.

DEBIAN-CVE-2025-43531 | Mondoo Vulnerability Intelligence

DEBIAN-CVE-2025-43531

LOW3.1

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2,

Published Dec 17, 2025

Modified 5 days ago

Fix available

Details

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Affected Packages

Debian:11webkit2gtk

Fixed in:

2.50.4-1~deb11u1

Debian:11wpewebkit

Affected versions:

2.32.3-22.32.4-12.32.4-1~deb11u12.34.1-12.34.1-1~deb11u12.34.2-12.34.3-12.34.3-1~deb11u12.34.4-12.34.4-1~deb11u1+71 more

Debian:12webkit2gtk

Fixed in:

2.50.4-1~deb12u1

Debian:12wpewebkit

Affected versions:

2.38.6-12.39.91-12.40.0-12.40.1-12.40.2-12.40.2-22.40.3-12.40.4-12.40.5-12.42.0-1+34 more

Debian:13webkit2gtk

Fixed in:

2.50.4-1~deb13u1

Debian:13wpewebkit

Affected versions:

2.48.3-12.48.5-12.48.6-12.48.6-22.50.0-12.50.0-22.50.1-12.50.2-12.50.3-12.50.4-1

Debian:14webkit2gtk

Fixed in:

2.50.4-1

Debian:14wpewebkit

Fixed in:

2.50.4-1

References

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2025-43531

CVSS Analysis

CVSS v3.1

3.1

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

HighAC:H

Privileges Required

NonePR:N

User Interaction

RequiredUI:R

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

LowA:L

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Upstream

CVE-2025-43531

Ecosystems

Debian 11 Debian 12 Debian 13 Debian 14

Timeline

PublishedDec 17, 2025

ModifiedDec 21, 2025