CVE-2025-43227

{"id": "CVE-2025-43227", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-07-30T00:15:34.803", "references": [{"url": "https://support.apple.com/en-us/124147", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/124149", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/124152", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/124153", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/124154", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/124155", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://seclists.org/fulldisclosure/2025/Aug/0", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/30", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/32", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/35", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/36", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2025/08/02/1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-359"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information."}, {"lang": "es", "value": "Este problema se solucion\u00f3 mejorando la gesti\u00f3n de estado. Est\u00e1 corregido en iOS 18.6 y iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6 y visionOS 2.6. El procesamiento de contenido web manipulado con fines malintencionados puede revelar informaci\u00f3n confidencial del usuario."}], "lastModified": "2025-11-04T22:16:13.733", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "969AD7A8-5CCF-4607-BBE8-E06E642A170C", "versionEndExcluding": "18.6"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ED4015E-C707-4A91-86B3-23100E0DFA8F", "versionEndExcluding": "18.6"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD9D42A7-DE2A-4D5A-8C7B-002A60148483", "versionEndExcluding": "18.6"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "077E4BB7-4A8B-4D18-BCD7-2938A2B8B9C8", "versionEndExcluding": "15.6"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBC1698A-3E9C-4055-B23A-13A3C22BD6EE", "versionEndExcluding": "18.6"}, {"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EADBC0BD-ECAC-4E0A-B490-24649AFE5355", "versionEndExcluding": "2.6"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35D9C2D7-6120-4631-8D0B-259641DFD85B", "versionEndExcluding": "11.6"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}