CVE-2025-24225 | THREATINT

Description

An injection issue was addressed with improved input validation. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing an email may lead to user interface spoofing.

PUBLISHED Reserved 2025-01-17 | Published 2025-05-12 | Updated 2026-04-02 | Assigner apple

Problem types

Processing an email may lead to user interface spoofing

Product status

Any version before 18.5

affected

Any version before 17.7.7

affected

References

seclists.org/fulldisclosure/2025/May/6

support.apple.com/en-us/122404

support.apple.com/en-us/122405

cve.org (CVE-2025-24225)

nvd.nist.gov (CVE-2025-24225)

Download JSON