Skip to main content
Skip table of contents

ISN 2025-39: Webkit Vulnerability

First published 2 October 2025

CVSS:3.1: 8.8 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A security vulnerability has been found in Webkit, a web browser engine used in IGEL OS. This affects the following product versions:

  • IGEL OS 12

  • IGEL OS 11

Details

It has been discovered that processing maliciously crafted web content with Webkit may lead to an unexpected process crash. This is known as CVE-2025-43342 and rated as critical by CISA. IGEL downgrades the rating to high for the IGEL OS context, because there Webkit is only used to access well-known URLs and not arbitrary web content.

Update Instructions

  • OS 12: Update to the OS 12 base system in version 12.7.3 or newer when available from the IGEL App Portal.

  • OS 11: Update to IGEL OS version 11.11.100 when available.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.