CVE-2025-13947

EUVD-2025-200738
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.4 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
webkitgtk
bionic
ignored
jammy
dne
noble
dne
plucky
dne
questing
dne
xenial
ignored
webkit2gtk
bionic
ignored
focal
ignored
jammy
Fixed 2.50.3-0ubuntu0.22.04.1
released
noble
Fixed 2.50.3-0ubuntu0.24.04.1
released
plucky
Fixed 2.50.3-0ubuntu0.25.04.1
released
questing
Fixed 2.50.3-0ubuntu0.25.10.1
released
xenial
ignored
qtwebkit-source
bionic
ignored
jammy
dne
noble
dne
plucky
dne
questing
dne
xenial
ignored
qtwebkit-opensource-src
bionic
ignored
focal
ignored
jammy
ignored
noble
ignored
plucky
dne
questing
dne
xenial
ignored
wpewebkit
focal
ignored
jammy
ignored
noble
dne
plucky
dne
questing
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libjavascriptcoregtk-4_0-18
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
libjavascriptcoregtk-4_1-0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
libjavascriptcoregtk-6_0-1
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
libwebkit2gtk-4_0-37
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
libwebkit2gtk-4_1-0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
libwebkit2gtk3-lang
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
libwebkitgtk-6_0-4
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-JavaScriptCore-4_0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-JavaScriptCore-4_1
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-JavaScriptCore-6_0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-WebKit-6_0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-WebKit2-4_0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-WebKit2-4_1
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-WebKit2WebExtension-4_0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-WebKit2WebExtension-4_1
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
typelib-1_0-WebKitWebProcessExtension-6_0
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
webkit2gtk-4_0-injected-bundles
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP3
2.50.3-4.47.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
webkit2gtk-4_1-injected-bundles
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
webkit2gtk3-devel
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 12 SP5
2.50.3-4.47.1
fixed
suse enterprise server 15 SP2
2.50.3-150200.153.4
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
webkit2gtk3-soup2-devel
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
webkit2gtk4-devel
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
webkitgtk-6_0-injected-bundles
suse enterprise desktop 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise desktop 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise sap 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise sap 15 SP7
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP4
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP5
2.50.3-150400.4.130.4
fixed
suse enterprise server 15 SP6
2.50.4-150600.12.54.1
fixed
suse enterprise server 15 SP7
2.50.4-150600.12.54.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
webkit2gtk3
RHEL 8
0:2.50.3-1.el8_10
fixed
RHEL 8.2 AUS
0:2.50.3-2.el8_2
fixed
RHEL 8.4 AUS
0:2.50.3-2.el8_4
fixed
RHEL 8.6 AUS
0:2.50.3-2.el8_6
fixed
RHEL 8.6 E4S
0:2.50.3-2.el8_6
fixed
RHEL 8.6 TUS
0:2.50.3-2.el8_6
fixed
RHEL 8.8 E4S
0:2.50.3-2.el8_8
fixed
RHEL 8.8 TUS
0:2.50.3-2.el8_8
fixed
RHEL 9
0:2.50.3-1.el9_7
fixed
webkit2gtk3-devel
RHEL 8
0:2.50.3-1.el8_10
fixed
RHEL 8.2 AUS
0:2.50.3-2.el8_2
fixed
RHEL 8.4 AUS
0:2.50.3-2.el8_4
fixed
RHEL 8.6 AUS
0:2.50.3-2.el8_6
fixed
RHEL 8.6 E4S
0:2.50.3-2.el8_6
fixed
RHEL 8.6 TUS
0:2.50.3-2.el8_6
fixed
RHEL 8.8 E4S
0:2.50.3-2.el8_8
fixed
RHEL 8.8 TUS
0:2.50.3-2.el8_8
fixed
RHEL 9
0:2.50.3-1.el9_7
fixed
webkit2gtk3-jsc
RHEL 8
0:2.50.3-1.el8_10
fixed
RHEL 8.2 AUS
0:2.50.3-2.el8_2
fixed
RHEL 8.4 AUS
0:2.50.3-2.el8_4
fixed
RHEL 8.6 AUS
0:2.50.3-2.el8_6
fixed
RHEL 8.6 E4S
0:2.50.3-2.el8_6
fixed
RHEL 8.6 TUS
0:2.50.3-2.el8_6
fixed
RHEL 8.8 E4S
0:2.50.3-2.el8_8
fixed
RHEL 8.8 TUS
0:2.50.3-2.el8_8
fixed
RHEL 9
0:2.50.3-1.el9_7
fixed
webkit2gtk3-jsc-devel
RHEL 8
0:2.50.3-1.el8_10
fixed
RHEL 8.2 AUS
0:2.50.3-2.el8_2
fixed
RHEL 8.4 AUS
0:2.50.3-2.el8_4
fixed
RHEL 8.6 AUS
0:2.50.3-2.el8_6
fixed
RHEL 8.6 E4S
0:2.50.3-2.el8_6
fixed
RHEL 8.6 TUS
0:2.50.3-2.el8_6
fixed
RHEL 8.8 E4S
0:2.50.3-2.el8_8
fixed
RHEL 8.8 TUS
0:2.50.3-2.el8_8
fixed
RHEL 9
0:2.50.3-1.el9_7
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2025:22789
https://access.redhat.com/errata/RHSA-2025:22790
https://access.redhat.com/errata/RHSA-2025:23110
https://access.redhat.com/errata/RHSA-2025:23433
https://access.redhat.com/errata/RHSA-2025:23434
https://access.redhat.com/errata/RHSA-2025:23451
https://access.redhat.com/errata/RHSA-2025:23452
https://access.redhat.com/errata/RHSA-2025:23583
https://access.redhat.com/errata/RHSA-2025:23591
https://access.redhat.com/errata/RHSA-2025:23742
https://access.redhat.com/errata/RHSA-2025:23743
https://access.redhat.com/security/cve/CVE-2025-13947
https://bugs.webkit.org/show_bug.cgi?id=271957
https://bugzilla.redhat.com/show_bug.cgi?id=2418576