This vulnerability allows a malicious website to read arbitrary local files by abusing the file drag-and-drop mechanism in WebKitGTK. The flaw exists because WebKitGTK does not verify that drag operations originate from outside the browser before granting access to the referenced file path. A crafted webpage can prompt the user to perform an innocent-looking drag action that unintentionally exposes sensitive file content accessible to the user account. This results in a remote, user-assisted information disclosure vulnerability that can reveal any file the user is permitted to read.
Are there any further details? Which versions are affected? Was it reported upstream? Can you please add such details as references too when filing CVEs? Thanks!
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:22789 https://access.redhat.com/errata/RHSA-2025:22789
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:22790 https://access.redhat.com/errata/RHSA-2025:22790
(In reply to Leonardo Taccari from comment #2)
> Are there any further details? Which versions are affected? Was it reported
> upstream?
>
> Can you please add such details as references too when filing CVEs?
>
> Thanks!

JFTR, this is part of <https://webkitgtk.org/security/WSA-2025-0009.html> and it was fixed upstream in version 2.50.3. It would be nice if the upstream WSA can be added as a reference too.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2025:23110 https://access.redhat.com/errata/RHSA-2025:23110
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:23433 https://access.redhat.com/errata/RHSA-2025:23433
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Via RHSA-2025:23434 https://access.redhat.com/errata/RHSA-2025:23434
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:23451 https://access.redhat.com/errata/RHSA-2025:23451
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:23452 https://access.redhat.com/errata/RHSA-2025:23452
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:23591 https://access.redhat.com/errata/RHSA-2025:23591
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:23583 https://access.redhat.com/errata/RHSA-2025:23583
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Via RHSA-2025:23743 https://access.redhat.com/errata/RHSA-2025:23743
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Via RHSA-2025:23742 https://access.redhat.com/errata/RHSA-2025:23742