Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:11814: Important: webkit2gtk3 security update

This security update addresses multiple vulnerabilities in the webkit2gtk3 package, including issues where processing malicious web content can lead to denial-of-service crashes, cross-site scripting (CVE-2026-28871), sandbox escapes (CVE-2026-28859), Same Origin Policy bypasses (CVE-2026-20643), and user tracking or fingerprinting. Red Hat has rated this update as having an Important security impact. The advisory applies to Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Telecommunications Update Service, and affected systems should be patched using the updated packages provided through these channels.

RHSA-2026:11814 - Security Advisory
Issued: 2026-04-29
Updated: 2026-04-29

Synopsis
Important: webkit2gtk3 security update

Type/Severity
Security Advisory: Important

Topic
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43213)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43214)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43457)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43511)
webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-46299)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20608)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20635)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20636)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20644)
webkitgtk: A remote attacker may be able to cause a denial-of-service (CVE-2026-20652)
webkitgtk: A website may be able to track users through Safari web extensions (CVE-2026-20676)
webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2026-20643)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20664)
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-20665)
webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2026-20691)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28857)
webkitgtk: A malicious website may be able to process restricted web content outside the sandbox (CVE-2026-28859)
webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack (CVE-2026-28871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes
BZ - 2448781 - CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
BZ - 2448782 - CVE-2025-43214 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
BZ - 2448786 - CVE-2025-43457 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
BZ - 2448787 - CVE-2025-43511 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2448788 - CVE-2025-46299 webkitgtk: Processing maliciously crafted web content may disclose internal states of the app
BZ - 2448789 - CVE-2026-20608 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2448790 - CVE-2026-20635 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2448791 - CVE-2026-20636 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2448792 - CVE-2026-20644 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2448793 - CVE-2026-20652 webkitgtk: A remote attacker may be able to cause a denial-of-service
BZ - 2448794 - CVE-2026-20676 webkitgtk: A website may be able to track users through Safari web extensions
BZ - 2453000 - CVE-2026-20643 webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy
BZ - 2453001 - CVE-2026-20664 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2453002 - CVE-2026-20665 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
BZ - 2453003 - CVE-2026-20691 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
BZ - 2453004 - CVE-2026-28857 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
BZ - 2453006 - CVE-2026-28859 webkitgtk: A malicious website may be able to process restricted web content outside the sandbox
BZ - 2453008 - CVE-2026-28871 webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack

CVEs
CVE-2025-43213 CVE-2025-43214 CVE-2025-43457 CVE-2025-43511 CVE-2025-46299 CVE-2026-20608 CVE-2026-20635 CVE-2026-20636 CVE-2026-20643 CVE-2026-20644 CVE-2026-20652 CVE-2026-20664 CVE-2026-20665 CVE-2026-20676 CVE-2026-20691 CVE-2026-28857 CVE-2026-28859 CVE-2026-28871

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
