CVE-2025-13947
Webkit: webkitgtk: remote user-assisted information disclosure via file drag-and-drop
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Produtos afetados
Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.6 Extended Update SupportRed Hat · Red Hat In-Vehicle Operating System 1The WebKitGTK Team · webkitgtkQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2025:22789https://access.redhat.com/errata/RHSA-2025:22790https://access.redhat.com/errata/RHSA-2025:23110https://access.redhat.com/errata/RHSA-2025:23433https://access.redhat.com/errata/RHSA-2025:23434https://access.redhat.com/errata/RHSA-2025:23451https://access.redhat.com/errata/RHSA-2025:23452https://access.redhat.com/errata/RHSA-2025:23583https://access.redhat.com/errata/RHSA-2025:23591https://access.redhat.com/errata/RHSA-2025:23742https://access.redhat.com/errata/RHSA-2025:23743https://access.redhat.com/security/cve/CVE-2025-13947