CVE-2025-31217 | THREATINT

Description

The issue was addressed with improved input validation. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

PUBLISHED Reserved 2025-03-27 | Published 2025-05-12 | Updated 2026-04-02 | Assigner apple

Problem types

Processing maliciously crafted web content may lead to an unexpected Safari crash

Product status

Any version before 18.5

affected

Any version before 18.5

affected

Any version before 17.7.7

affected

Any version before 15.5

affected

Any version before 18.5

affected

Any version before 2.5

affected

Any version before 11.5

affected

References

seclists.org/fulldisclosure/2025/May/13

seclists.org/fulldisclosure/2025/May/12

seclists.org/fulldisclosure/2025/May/10

seclists.org/fulldisclosure/2025/May/7

seclists.org/fulldisclosure/2025/May/6

seclists.org/fulldisclosure/2025/May/5

support.apple.com/en-us/122404

support.apple.com/en-us/122405

support.apple.com/en-us/122716

support.apple.com/en-us/122719

support.apple.com/en-us/122720

support.apple.com/en-us/122721

support.apple.com/en-us/122722

cve.org (CVE-2025-31217)

nvd.nist.gov (CVE-2025-31217)

Download JSON

help @ threatint.eu