Critical Vulnerabilities in webkit2gtk3 Affecting openSUSE and SUSE Systems

Critical Vulnerabilities in webkit2gtk3 Affecting openSUSE and SUSE Systems

First seen 31 Mar 2026, 13:31 UTC Linuxsecuritywww.debian.org 90% similarity 72.8

Article Content

Browse articles
ThreatCluster

A significant update for webkit2gtk3 has been released to address multiple vulnerabilities, including CVE-2023-43010, CVE-2025-31223, CVE-2025-31277, CVE-2025-43213, CVE-2025-43214, CVE-2025-43433, CVE-2025-43438, and CVE-2025-43441. These vulnerabilities can lead to memory corruption and unexpected crashes when processing maliciously crafted web content. The update is crucial for users of openSUSE Leap 15.4 and SUSE Linux Enterprise systems. The vulnerabilities were disclosed between 2023 and 2025, with some being actively exploited, particularly CVE-2025-31277, which was added to the CISA KEV list on March 20, 2026. The patch is available through standard SUSE installation methods. Users are urged to apply the update promptly to mitigate potential risks. The overall impact is significant, affecting a wide range of systems reliant on webkit2gtk3.

Key Points: • Multiple critical vulnerabilities in webkit2gtk3 require immediate patching. • CVE-2025-31277 is actively exploited, increasing urgency for updates. • Affected systems include openSUSE Leap 15.4 and various SUSE Linux Enterprise versions.

ThreatCluster AI

Timeline

2023-03-12
CVE-2023-43010 published
2024-02-21
CVE-2023-42843 published
2025-02-10
CVE-2024-54658 published
2025-05-12
CVE-2025-31223 published
2025-07-29
CVE-2025-31277, CVE-2025-43213, CVE-2025-43214 published
2025-09-15
CVE-2025-43368 published
2025-11-04
CVE-2025-43419 published
2025-11-04
CVE-2025-43443 published
2025-11-04
CVE-2025-43434 published
2025-11-04
CVE-2025-43441 published

Community

Browse all →