QwikSec

Security Database

CVE

CWE

Training

CVE-2025-66287

Published: Dec 4, 2025

Modified: Dec 22, 2025

PUBLISHED

CVSS v3.1

8.8

HIGH

Description

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.

Vendor	Product	Versions
The WebKitGTK Team	WebKitGTK	affected `0 - < 2.50.3`
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	unaffected `0:2.50.3-2.el7_9 - < *`
Red Hat	Red Hat Enterprise Linux 8	unaffected `0:2.50.3-1.el8_10 - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	unaffected `0:2.50.3-2.el8_2 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	unaffected `0:2.50.3-2.el8_4 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	unaffected `0:2.50.3-2.el8_4 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	unaffected `0:2.50.3-2.el8_6 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	unaffected `0:2.50.3-2.el8_6 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	unaffected `0:2.50.3-2.el8_6 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	unaffected `0:2.50.3-2.el8_8 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	unaffected `0:2.50.3-2.el8_8 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:2.50.3-1.el9_7 - < *`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	unaffected `0:2.50.3-1.el9_0 - < *`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	unaffected `0:2.50.3-1.el9_2 - < *`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	unaffected `0:2.50.3-1.el9_4 - < *`
Red Hat	Red Hat Enterprise Linux 9.6 Extended Update Support	unaffected `0:2.50.3-1.el9_6 - < *`
Red Hat	Red Hat Enterprise Linux 6	All versions
Red Hat	Red Hat Enterprise Linux 7	All versions

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

RHSA-2025:22789

vendor-advisory

x_refsource_REDHAT

RHSA-2025:22790

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23110

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23433

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23434

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23451

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23452

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23583

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23591

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23742

vendor-advisory

x_refsource_REDHAT

RHSA-2025:23743

vendor-advisory

x_refsource_REDHAT

https://access.redhat.com/security/cve/CVE-2025-66287

vdb-entry

x_refsource_REDHAT

issue-tracking

x_refsource_REDHAT

https://webkitgtk.org/security/WSA-2025-0009.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.