CVE-2025-43227 | THREATINT

Description

This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose sensitive user information.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-29 | Updated 2026-04-02 | Assigner apple

Problem types

Processing maliciously crafted web content may disclose sensitive user information

Product status

Any version before 18.6

affected

Any version before 18.6

affected

Any version before 15.6

affected

Any version before 18.6

affected

Any version before 2.6

affected

Any version before 11.6

affected

References

lists.debian.org/debian-lts-announce/2025/08/msg00015.html

seclists.org/fulldisclosure/2025/Aug/0

seclists.org/fulldisclosure/2025/Jul/36

seclists.org/fulldisclosure/2025/Jul/35

seclists.org/fulldisclosure/2025/Jul/32

seclists.org/fulldisclosure/2025/Jul/30

www.openwall.com/lists/oss-security/2025/08/02/1

support.apple.com/en-us/124147

support.apple.com/en-us/124149

support.apple.com/en-us/124152

support.apple.com/en-us/124153

support.apple.com/en-us/124154

support.apple.com/en-us/124155

cve.org (CVE-2025-43227)

nvd.nist.gov (CVE-2025-43227)

Download JSON

help @ threatint.eu