CVE-2025-43252 | THREATINT

Description

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-29 | Updated 2025-11-03 | Assigner apple

Problem types

A website may be able to access sensitive user data when resolving symlinks

Product status

Any version before 15.6

affected

References

seclists.org/fulldisclosure/2025/Jul/32

support.apple.com/en-us/124149

cve.org (CVE-2025-43252)

nvd.nist.gov (CVE-2025-43252)