Created
July 30, 2025 01:11
-
-
Save Proteas/5f134880e14e75152f32eaae97a52333 to your computer and use it in GitHub Desktop.
Apple Security Release, 2025-07, 95 unique bugs fixed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", | |
| "available": "macOS Sonoma", | |
| "description": "This issue was addressed through improved state management.", | |
| "update": "", | |
| "module": "Finder", | |
| "id": "CVE-2025-24119", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124150", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "macOS Sequoia", | |
| "description": "A logic issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "Safari", | |
| "id": "CVE-2025-24188", | |
| "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A remote attacker may be able to cause unexpected system termination", | |
| "available": "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", | |
| "description": "The issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "Kernel", | |
| "id": "CVE-2025-24224", | |
| "credit": "Tony Iskow (@Tybbow)", | |
| "page": "https://support.apple.com/en-us/124148", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Passcode may be read aloud by VoiceOver", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "A logic issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "Accessibility", | |
| "id": "CVE-2025-31229", | |
| "credit": "Wong Wee Xiang", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "AppleMobileFileIntegrity", | |
| "id": "CVE-2025-31243", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-31273", | |
| "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", | |
| "bugzilla": "293579", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A sandboxed process may be able to launch any installed app", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "MediaRemote", | |
| "id": "CVE-2025-31275", | |
| "credit": "Dora Orak", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Remote content may be loaded even when the 'Load Remote Images' setting is turned off", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "This issue was addressed through improved state management.", | |
| "update": "", | |
| "module": "Mail Drafts", | |
| "id": "CVE-2025-31276", | |
| "credit": "Himanshu Bharti (@Xpl0itme)", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-31277", | |
| "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", | |
| "bugzilla": "291745", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-31278", | |
| "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", | |
| "bugzilla": "291742", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to fingerprint the user", | |
| "available": "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "Find My", | |
| "id": "CVE-2025-31279", | |
| "credit": "Dawuge of Shuffle Team", | |
| "page": "https://support.apple.com/en-us/124148", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted file may lead to heap corruption", | |
| "available": "macOS Sequoia", | |
| "description": "A memory corruption issue was addressed with improved validation.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-31280", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted file may lead to unexpected app termination", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An input validation issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-31281", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A shortcut may be able to bypass sensitive Shortcuts app settings", | |
| "available": "macOS Sonoma", | |
| "description": "This issue was addressed by adding an additional prompt for user consent.", | |
| "update": "", | |
| "module": "Shortcuts", | |
| "id": "CVE-2025-43184", | |
| "credit": "Csaba Fitzl (@theevilbit) of Kandji", | |
| "page": "https://support.apple.com/en-us/124150", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access protected user data", | |
| "available": "macOS Sequoia", | |
| "description": "A downgrade issue was addressed with additional code-signing restrictions.", | |
| "update": "", | |
| "module": "Voice Control", | |
| "id": "CVE-2025-43185", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Parsing a file may lead to an unexpected app termination", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "afclip", | |
| "id": "CVE-2025-43186", | |
| "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Running an hdiutil command may unexpectedly execute arbitrary code", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed by removing the vulnerable code.", | |
| "update": "", | |
| "module": "Disk Images", | |
| "id": "CVE-2025-43187", | |
| "credit": "\u98ce\u6c90\u4e91\u70df (@binary_fmyy) and Minghao Lin (@Y1nKoc)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "DiskArbitration", | |
| "id": "CVE-2025-43188", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app may be able to read kernel memory", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebContentFilter", | |
| "id": "CVE-2025-43189", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause a denial-of-service", | |
| "available": "macOS Sequoia", | |
| "description": "A path handling issue was addressed with improved validation.", | |
| "update": "", | |
| "module": "Admin Framework", | |
| "id": "CVE-2025-43191", | |
| "credit": "Ryan Dowd (@_rdowd)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Account-driven User Enrollment may still be possible with Lockdown Mode turned on", | |
| "available": "macOS Sequoia", | |
| "description": "A configuration issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "Managed Configuration", | |
| "id": "CVE-2025-43192", | |
| "credit": "Pyrophoria", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause a denial-of-service", | |
| "available": "macOS Sequoia", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "SecurityAgent", | |
| "id": "CVE-2025-43193", | |
| "credit": "Dawuge of Shuffle Team", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to modify protected parts of the file system", | |
| "available": "macOS Sequoia", | |
| "description": "The issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "PackageKit", | |
| "id": "CVE-2025-43194", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access sensitive user data", | |
| "available": "macOS Sequoia", | |
| "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation.", | |
| "update": "", | |
| "module": "CoreServices", | |
| "id": "CVE-2025-43195", | |
| "credit": "\u98ce\u6c90\u4e91\u70df (@binary_fmyy) and Minghao Lin (@Y1nKoc)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A path handling issue was addressed with improved validation.", | |
| "update": "", | |
| "module": "libxpc", | |
| "id": "CVE-2025-43196", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access sensitive user data", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with additional entitlement checks.", | |
| "update": "", | |
| "module": "Single Sign-On", | |
| "id": "CVE-2025-43197", | |
| "credit": "Shang-De Jiang and Kazma Ye of CyCraft Technology", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access protected user data", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed by removing the vulnerable code.", | |
| "update": "", | |
| "module": "Dock", | |
| "id": "CVE-2025-43198", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed by removing the vulnerable code.", | |
| "update": "", | |
| "module": "Core Services", | |
| "id": "CVE-2025-43199", | |
| "credit": "Gergely Kalman (@gergely_kalman), an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a file may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "This issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "libnetcore", | |
| "id": "CVE-2025-43202", | |
| "credit": "Brian Carpenter", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to bypass ASLR", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds access issue was addressed with improved bounds checking.", | |
| "update": "July 29, 2025", | |
| "module": "Audio", | |
| "id": "CVE-2025-43205", | |
| "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/122371", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access protected user data", | |
| "available": "macOS Sequoia", | |
| "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", | |
| "update": "", | |
| "module": "System Settings", | |
| "id": "CVE-2025-43206", | |
| "credit": "Zhongquan Li (@Guluisacat)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds access issue was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "ICU", | |
| "id": "CVE-2025-43209", | |
| "credit": "Gary Kwong working with Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds access issue was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "CoreMedia", | |
| "id": "CVE-2025-43210", | |
| "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing web content may lead to a denial-of-service", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43211", | |
| "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", | |
| "bugzilla": "293730", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43212", | |
| "credit": "Nan Wang (@eternalsakura13) and Ziling Chen", | |
| "bugzilla": "293197", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43213", | |
| "credit": "Google V8 Security Team", | |
| "bugzilla": "292621", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43214", | |
| "credit": "shandikri working with Trend Micro Zero Day Initiative, Google V8 Security Team", | |
| "bugzilla": "292599", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted image may result in disclosure of process memory", | |
| "available": "macOS Sequoia", | |
| "description": "The issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-43215", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "A use-after-free issue was addressed with improved memory management.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43216", | |
| "credit": "Ignacio Sanmillan (@ulexec)", | |
| "bugzilla": "295382", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Privacy Indicators for microphone or camera access may not be correctly displayed", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed by adding additional logic.", | |
| "update": "", | |
| "module": "Accessibility", | |
| "id": "CVE-2025-43217", | |
| "credit": "Himanshu Bharti (@Xpl0itme)", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted USD file may disclose memory contents", | |
| "available": "macOS Sequoia", | |
| "description": "An out-of-bounds read was addressed with improved input validation.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-43218", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted image may corrupt process memory", | |
| "available": "macOS Sequoia", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-43219", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access protected user data", | |
| "available": "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", | |
| "description": "This issue was addressed with improved validation of symlinks.", | |
| "update": "", | |
| "module": "copyfile", | |
| "id": "CVE-2025-43220", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124148", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds access issue was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-43221", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An attacker may be able to cause unexpected app termination", | |
| "available": "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", | |
| "description": "A use-after-free issue was addressed by removing the vulnerable code.", | |
| "update": "", | |
| "module": "CFNetwork", | |
| "id": "CVE-2025-43222", | |
| "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", | |
| "page": "https://support.apple.com/en-us/124148", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A non-privileged user may be able to modify restricted network settings", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "A denial-of-service issue was addressed with improved input validation.", | |
| "update": "", | |
| "module": "CFNetwork", | |
| "id": "CVE-2025-43223", | |
| "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds access issue was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-43224", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access sensitive user data", | |
| "available": "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", | |
| "description": "A logging issue was addressed with improved data redaction.", | |
| "update": "", | |
| "module": "Notes", | |
| "id": "CVE-2025-43225", | |
| "credit": "Kirin (@Pwnrin)", | |
| "page": "https://support.apple.com/en-us/124148", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted image may result in disclosure of process memory", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds read was addressed with improved input validation.", | |
| "update": "", | |
| "module": "ImageIO", | |
| "id": "CVE-2025-43226", | |
| "credit": "", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may disclose sensitive user information", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "This issue was addressed through improved state management.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43227", | |
| "credit": "Gilad Moav", | |
| "bugzilla": "292888", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Visiting a malicious website may lead to address bar spoofing", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved UI.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43228", | |
| "credit": "Jaydev Ahire", | |
| "bugzilla": "294374", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed through improved state management.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43229", | |
| "credit": "Martin Bajanik of Fingerprint, Ammar Askar", | |
| "bugzilla": "285927", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access user-sensitive data", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with additional permissions checks.", | |
| "update": "", | |
| "module": "CoreMedia Playback", | |
| "id": "CVE-2025-43230", | |
| "credit": "Chi Yuan Chang of ZUSO ART and taikosoup", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to bypass certain Privacy preferences", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "PackageKit", | |
| "id": "CVE-2025-43232", | |
| "credit": "Koh M. Nakagawa (@tsunek0h), Csaba Fitzl (@theevilbit) of Kandji and Gergely Kalman (@gergely_kalman)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app acting as a HTTPS proxy could get access to sensitive user data", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved access restrictions.", | |
| "update": "", | |
| "module": "Security", | |
| "id": "CVE-2025-43233", | |
| "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted texture may lead to unexpected app termination", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "Multiple memory corruption issues were addressed with improved input validation.", | |
| "update": "", | |
| "module": "Metal", | |
| "id": "CVE-2025-43234", | |
| "credit": "Vlad Stolyarov of Google's Threat Analysis Group", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause a denial-of-service", | |
| "available": "macOS Sequoia", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "Power Management", | |
| "id": "CVE-2025-43235", | |
| "credit": "Dawuge of Shuffle Team", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An attacker may be able to cause unexpected app termination", | |
| "available": "macOS Sequoia", | |
| "description": "A type confusion issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "Power Management", | |
| "id": "CVE-2025-43236", | |
| "credit": "Dawuge of Shuffle Team", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause unexpected system termination", | |
| "available": "macOS Sequoia", | |
| "description": "An out-of-bounds write issue was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "WebContentFilter", | |
| "id": "CVE-2025-43237", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause unexpected system termination", | |
| "available": "macOS Sequoia", | |
| "description": "An integer overflow was addressed with improved input validation.", | |
| "update": "", | |
| "module": "Xsan", | |
| "id": "CVE-2025-43238", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted file may lead to unexpected app termination", | |
| "available": "macOS Sequoia", | |
| "description": "An out-of-bounds access issue was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "sips", | |
| "id": "CVE-2025-43239", | |
| "credit": "Nikolai Skliarenko of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A download's origin may be incorrectly associated", | |
| "available": "macOS Sequoia", | |
| "description": "A logic issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43240", | |
| "credit": "Syarif Muhammad Sajjad", | |
| "bugzilla": "293994", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to read files outside of its sandbox", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "SceneKit", | |
| "id": "CVE-2025-43241", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to modify protected parts of the file system", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "Software Update", | |
| "id": "CVE-2025-43243", | |
| "credit": "Keith Yeo (@kyeojy) from Team Orca of Sea Security, Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause unexpected system termination", | |
| "available": "macOS Sequoia", | |
| "description": "A race condition was addressed with improved state handling.", | |
| "update": "", | |
| "module": "AMD", | |
| "id": "CVE-2025-43244", | |
| "credit": "ABC Research s.r.o.", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access protected user data", | |
| "available": "macOS Sequoia", | |
| "description": "A downgrade issue was addressed with additional code-signing restrictions.", | |
| "update": "", | |
| "module": "AppleMobileFileIntegrity", | |
| "id": "CVE-2025-43245", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access sensitive user data", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "Spotlight", | |
| "id": "CVE-2025-43246", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app with root privileges may be able to modify the contents of system files", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "PackageKit", | |
| "id": "CVE-2025-43247", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A logic issue was addressed with improved restrictions.", | |
| "update": "", | |
| "module": "AppleMobileFileIntegrity", | |
| "id": "CVE-2025-43248", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A logic issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "AppleMobileFileIntegrity", | |
| "id": "CVE-2025-43249", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to break out of its sandbox", | |
| "available": "macOS Sequoia", | |
| "description": "A path handling issue was addressed with improved validation.", | |
| "update": "", | |
| "module": "SharedFileList", | |
| "id": "CVE-2025-43250", | |
| "credit": "Mickey Jin (@patch1t), Yuebin Sun (@yuebinsun2020)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A local attacker may gain access to Keychain items", | |
| "available": "macOS Sequoia", | |
| "description": "An authorization issue was addressed with improved state management.", | |
| "update": "", | |
| "module": "User Management", | |
| "id": "CVE-2025-43251", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A website may be able to access sensitive user data when resolving symlinks", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed by adding an additional prompt for user consent.", | |
| "update": "", | |
| "module": "zip", | |
| "id": "CVE-2025-43252", | |
| "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app may be able to launch arbitrary binaries on a trusted device", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved input validation.", | |
| "update": "", | |
| "module": "AppleMobileFileIntegrity", | |
| "id": "CVE-2025-43253", | |
| "credit": "Noah Gregory (wts.dev)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted file may lead to unexpected app termination", | |
| "available": "macOS Sequoia", | |
| "description": "An out-of-bounds read was addressed with improved input validation.", | |
| "update": "", | |
| "module": "file", | |
| "id": "CVE-2025-43254", | |
| "credit": "2ourc3 | Salim Largo", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to cause unexpected system termination", | |
| "available": "macOS Sequoia", | |
| "description": "An out-of-bounds read was addressed with improved bounds checking.", | |
| "update": "", | |
| "module": "GPU Drivers", | |
| "id": "CVE-2025-43255", | |
| "credit": "Anonymous working with Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed through improved state management.", | |
| "update": "", | |
| "module": "StorageKit", | |
| "id": "CVE-2025-43256", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to break out of its sandbox", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved handling of symlinks.", | |
| "update": "", | |
| "module": "Archive Utility", | |
| "id": "CVE-2025-43257", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved redaction of sensitive information.", | |
| "update": "", | |
| "module": "WindowServer", | |
| "id": "CVE-2025-43259", | |
| "credit": "Martti H\u00fctt", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to hijack entitlements granted to other privileged apps", | |
| "available": "macOS Sequoia", | |
| "description": "This issue was addressed with improved data protection.", | |
| "update": "", | |
| "module": "PackageKit", | |
| "id": "CVE-2025-43260", | |
| "credit": "Zhongquan Li (@Guluisacat)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to break out of its sandbox", | |
| "available": "macOS Sequoia", | |
| "description": "A logic issue was addressed with improved checks.", | |
| "update": "", | |
| "module": "File Bookmark", | |
| "id": "CVE-2025-43261", | |
| "credit": "an anonymous researcher", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted image may corrupt process memory", | |
| "available": "macOS Sequoia", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "Model I/O", | |
| "id": "CVE-2025-43264", | |
| "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may disclose internal states of the app", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "An out-of-bounds read was addressed with improved input validation.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-43265", | |
| "credit": "HexRabbit (@h3xr4bb1t) from DEVCORE Research Team", | |
| "bugzilla": "294182", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to break out of its sandbox", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "NSSpellChecker", | |
| "id": "CVE-2025-43266", | |
| "credit": "Noah Gregory (wts.dev)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to access sensitive user data", | |
| "available": "macOS Sequoia", | |
| "description": "An injection issue was addressed with improved validation.", | |
| "update": "", | |
| "module": "Directory Utility", | |
| "id": "CVE-2025-43267", | |
| "credit": "Mickey Jin (@patch1t)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A malicious app may be able to gain root privileges", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional restrictions.", | |
| "update": "", | |
| "module": "Kernel", | |
| "id": "CVE-2025-43268", | |
| "credit": "Gergely Kalman (@gergely_kalman), Arsenii Kostromin (0x3c3e)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may gain unauthorized access to Local Network", | |
| "available": "macOS Sequoia", | |
| "description": "An access issue was addressed with additional sandbox restrictions.", | |
| "update": "", | |
| "module": "Notes", | |
| "id": "CVE-2025-43270", | |
| "credit": "Minqiang Gui", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A sandboxed process may be able to circumvent sandbox restrictions", | |
| "available": "macOS Sequoia", | |
| "description": "A permissions issue was addressed with additional sandbox restrictions.", | |
| "update": "", | |
| "module": "CoreMedia", | |
| "id": "CVE-2025-43273", | |
| "credit": "Seo Hyun-gyu (@wh1te4ever), Dora Orak, Minghao Lin (@Y1nKoc) and XiLong Zhang (@Resery4) of Xiaomi and noir (@ROIS) and fmyy (@\u98ce\u6c90\u4e91\u70df)", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "A sandboxed process may be able to circumvent sandbox restrictions", | |
| "available": "macOS Sequoia", | |
| "description": "A privacy issue was addressed by removing the vulnerable code.", | |
| "update": "", | |
| "module": "RemoteViewServices", | |
| "id": "CVE-2025-43274", | |
| "credit": "an anonymous researcher, Hikerell of Loadshine Lab, @zlluny", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "An app may be able to break out of its sandbox", | |
| "available": "macOS Sequoia", | |
| "description": "A race condition was addressed with additional validation.", | |
| "update": "", | |
| "module": "NetAuth", | |
| "id": "CVE-2025-43275", | |
| "credit": "Csaba Fitzl (@theevilbit) of Kandji", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "iCloud Private Relay may not activate when more than one user is logged in at the same time", | |
| "available": "macOS Sequoia", | |
| "description": "A logic error was addressed with improved error handling.", | |
| "update": "", | |
| "module": "Kernel", | |
| "id": "CVE-2025-43276", | |
| "credit": "Willey Lin", | |
| "page": "https://support.apple.com/en-us/124149", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a maliciously crafted audio file may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "The issue was addressed with improved memory handling.", | |
| "update": "", | |
| "module": "CoreAudio", | |
| "id": "CVE-2025-43277", | |
| "credit": "Google's Threat Analysis Group", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", | |
| "update": "", | |
| "module": "WebKit", | |
| "id": "CVE-2025-6558", | |
| "credit": "Cl\u00e9ment Lecigne and Vlad Stolyarov of Google's Threat Analysis Group", | |
| "bugzilla": "296459", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing maliciously crafted web content may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", | |
| "update": "", | |
| "module": "libxslt", | |
| "id": "CVE-2025-7424", | |
| "credit": "Ivan Fratric of Google Project Zero", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| }, | |
| { | |
| "impact": "Processing a file may lead to memory corruption", | |
| "available": "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", | |
| "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", | |
| "update": "", | |
| "module": "libxml2", | |
| "id": "CVE-2025-7425", | |
| "credit": "Sergei Glazunov of Google Project Zero", | |
| "page": "https://support.apple.com/en-us/124147", | |
| "rsr": "" | |
| } | |
| ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment