Security update for webkit2gtk3 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0735-1 Final 1 1 2025-02-26T18:34:59Z current 2025-02-26T18:34:59Z 2025-02-26T18:34:59Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for webkit2gtk3 This update for webkit2gtk3 fixes the following issues: Update to version 2.46.6 (bsc#1236946, bsc#1234851): - CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the user. - CVE-2025-24150: Copying a URL from Web Inspector may lead to command injection. - CVE-2025-24158: Processing web content may lead to a denial-of-service. - CVE-2025-24162: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-54505: Processing maliciously crafted web content may lead to memory corruption. - CVE-2024-54508: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-54543: Processing maliciously crafted web content may lead to memory corruption. Already fixed in previous releases: - CVE-2024-27856: Processing a file may lead to unexpected app termination or arbitrary code execution. - CVE-2024-54534: Processing maliciously crafted web content may lead to memory corruption. - CVE-2024-54658: Processing web content may lead to a denial-of-service. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-735,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-735,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-735,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-735,SUSE-Storage-7.1-2025-735 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ Link for SUSE-SU-2025:0735-1 https://lists.suse.com/pipermail/sle-security-updates/2025-February/020451.html E-Mail link for SUSE-SU-2025:0735-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1234851 SUSE Bug 1234851 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 https://www.suse.com/security/cve/CVE-2024-27856/ SUSE CVE CVE-2024-27856 page https://www.suse.com/security/cve/CVE-2024-54479/ SUSE CVE CVE-2024-54479 page https://www.suse.com/security/cve/CVE-2024-54502/ SUSE CVE CVE-2024-54502 page https://www.suse.com/security/cve/CVE-2024-54505/ SUSE CVE CVE-2024-54505 page https://www.suse.com/security/cve/CVE-2024-54508/ SUSE CVE CVE-2024-54508 page https://www.suse.com/security/cve/CVE-2024-54534/ SUSE CVE CVE-2024-54534 page https://www.suse.com/security/cve/CVE-2024-54543/ SUSE CVE CVE-2024-54543 page https://www.suse.com/security/cve/CVE-2024-54658/ SUSE CVE CVE-2024-54658 page https://www.suse.com/security/cve/CVE-2025-24143/ SUSE CVE CVE-2025-24143 page https://www.suse.com/security/cve/CVE-2025-24150/ SUSE CVE CVE-2025-24150 page https://www.suse.com/security/cve/CVE-2025-24158/ SUSE CVE CVE-2025-24158 page https://www.suse.com/security/cve/CVE-2025-24162/ SUSE CVE CVE-2025-24162 page SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3 libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 libjavascriptcoregtk-4_0-18-32bit-2.46.6-150200.133.1 libjavascriptcoregtk-4_0-18-64bit-2.46.6-150200.133.1 libwebkit2gtk-4_0-37-2.46.6-150200.133.1 libwebkit2gtk-4_0-37-32bit-2.46.6-150200.133.1 libwebkit2gtk-4_0-37-64bit-2.46.6-150200.133.1 libwebkit2gtk3-lang-2.46.6-150200.133.1 typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 webkit-jsc-4-2.46.6-150200.133.1 webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 webkit2gtk3-devel-2.46.6-150200.133.1 webkit2gtk3-minibrowser-2.46.6-150200.133.1 libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 libwebkit2gtk-4_0-37-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 libwebkit2gtk3-lang-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 webkit2gtk3-devel-2.46.6-150200.133.1 as a component of SUSE Enterprise Storage 7.1 libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libwebkit2gtk-4_0-37-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libwebkit2gtk3-lang-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS webkit2gtk3-devel-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libwebkit2gtk-4_0-37-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libwebkit2gtk3-lang-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS webkit2gtk3-devel-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 libwebkit2gtk-4_0-37-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 libwebkit2gtk3-lang-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 webkit2gtk3-devel-2.46.6-150200.133.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution. CVE-2024-27856 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-27856.html CVE-2024-27856 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-54479 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54479.html CVE-2024-54479 https://bugzilla.suse.com/1234851 SUSE Bug 1234851 The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-54502 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54502.html CVE-2024-54502 https://bugzilla.suse.com/1234851 SUSE Bug 1234851 A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. CVE-2024-54505 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54505.html CVE-2024-54505 https://bugzilla.suse.com/1234851 SUSE Bug 1234851 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-54508 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54508.html CVE-2024-54508 https://bugzilla.suse.com/1234851 SUSE Bug 1234851 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. CVE-2024-54534 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54534.html CVE-2024-54534 https://bugzilla.suse.com/1234851 SUSE Bug 1234851 The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption. CVE-2024-54543 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54543.html CVE-2024-54543 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service. CVE-2024-54658 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2024-54658.html CVE-2024-54658 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user. CVE-2025-24143 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2025-24143.html CVE-2025-24143 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection. CVE-2025-24150 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2025-24150.html CVE-2025-24150 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service. CVE-2025-24158 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2025-24158.html CVE-2025-24158 https://bugzilla.suse.com/1236946 SUSE Bug 1236946 This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash. CVE-2025-24162 SUSE Enterprise Storage 7.1:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Enterprise Storage 7.1:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server 15 SP3-LTSS:webkit2gtk3-devel-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk-4_0-37-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libwebkit2gtk3-lang-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:webkit2gtk3-devel-2.46.6-150200.133.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250735-1/ https://www.suse.com/security/cve/CVE-2025-24162.html CVE-2025-24162 https://bugzilla.suse.com/1236946 SUSE Bug 1236946