Skip to main content
Skip table of contents

ISN 2025-39: Webkit Vulnerability

First published 2 October 2025

CVSS:3.1: 8.8 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A security vulnerability has been found in Webkit, a web browser engine used in IGEL OS. This affects the following product versions:

  • IGEL OS 12

  • IGEL OS 11

Details

It has been discovered that processing maliciously crafted web content with Webkit may lead to an unexpected process crash. This is known as CVE-2025-43342 and rated as critical by CISA. IGEL downgrades the rating to high for the IGEL OS context, because there Webkit is only used to access well-known URLs and not arbitrary web content.

Update Instructions

  • OS 12: Update to the OS 12 base system in version 12.7.3 or newer when available from the IGEL App Portal.

  • OS 11: Update to IGEL OS version 11.11.100 when available.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close