VIR Vulnerability Intelligence Relay

CVE-2025-43529

high KEV
Published 2025-12-18 · Modified 2025-12-22
CVSS v3
CVSS v2
VIR risk
9.5

Description

Important: webkit2gtk3 security update

CISA KEV

Vendor
Apple
Product
Multiple Products
Due date
2026-01-05

Predictions

Exploit likelihood
99%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-23700.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-23663.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2423191

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2423190

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2423188

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2423187

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2423185

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2423166

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2025:23663

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://support.apple.com/en-us/125884 ; https://support.apple.com/en-us/125892 ; https://support.apple.com/en-us/125885 ; https://support.apple.com/en-us/125886 ; https://support.apple.com/en-us/125889 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43529

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2025-43529

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:23700

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2025-43529.html

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:23700

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:23663

Mitigation details

Source: Apple Security HT · View original ↗ · proprietary-no-redistribution
Full prose not cached — VIR stores only structured fields (affected/fixed versions, references) for this source. Click "View original" above for the vendor's full advisory.

Exploits

OS impact
OSVersionStatusFixed in
rockylinux rocky8fixed
redhat rhel9fixed
suse slesaffected
rockylinux rocky9fixed
debian debianbookwormfixed2.50.4-1~deb12u1
debian debianbullseyefixed2.50.4-1~deb11u1
debian debianforkyfixed2.50.4-1
debian debiansidfixed2.50.4-1
debian debiantrixiefixed2.50.4-1~deb13u1

References

Verify integrity in audit chain (admin only). AS-IS.