Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2025-13931

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 05 нояб. 2025
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: fstec
CVSS3: 4.3
CVSS2: 5
EPSS Низкий

ОписаниС

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ модуля отобраТСния Π²Π΅Π±-страниц WebKit ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Ρ… систСм iOS ΠΈ iPadOS связана с использованиСм памяти послС Π΅Π΅ освобоТдСния. Эксплуатация уязвимости ΠΌΠΎΠΆΠ΅Ρ‚ ΠΏΠΎΠ·Π²ΠΎΠ»ΠΈΡ‚ΡŒ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ, Π΄Π΅ΠΉΡΡ‚Π²ΡƒΡŽΡ‰Π΅ΠΌΡƒ ΡƒΠ΄Π°Π»Π΅Π½Π½ΠΎ, Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

Π’Π΅Π½Π΄ΠΎΡ€

Apple Inc.

НаимСнованиС ПО

iPadOS
iOS

ВСрсия ПО

Π΄ΠΎ 18.7.2 (iPadOS)
Π΄ΠΎ 18.7.2 (iOS)

Вип ПО

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Π°Ρ систСма

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Π΅ систСмы ΠΈ Π°ΠΏΠΏΠ°Ρ€Π°Ρ‚Π½Ρ‹Π΅ ΠΏΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΡ‹

Apple Inc. iPadOS Π΄ΠΎ 18.7.2
Apple Inc. iOS Π΄ΠΎ 18.7.2

Π£Ρ€ΠΎΠ²Π΅Π½ΡŒ опасности уязвимости

Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ ΡƒΡ€ΠΎΠ²Π΅Π½ΡŒ опасности (базовая ΠΎΡ†Π΅Π½ΠΊΠ° CVSS 2.0 составляСт 5)
Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ ΡƒΡ€ΠΎΠ²Π΅Π½ΡŒ опасности (базовая ΠΎΡ†Π΅Π½ΠΊΠ° CVSS 3.1 составляСт 4,3)

Π’ΠΎΠ·ΠΌΠΎΠΆΠ½Ρ‹Π΅ ΠΌΠ΅Ρ€Ρ‹ ΠΏΠΎ ΡƒΡΡ‚Ρ€Π°Π½Π΅Π½ΠΈΡŽ уязвимости

ИспользованиС Ρ€Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°Ρ†ΠΈΠΉ:
https://support.apple.com/en-us/125633

Бтатус уязвимости

ΠŸΠΎΠ΄Ρ‚Π²Π΅Ρ€ΠΆΠ΄Π΅Π½Π° ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ΄ΠΈΡ‚Π΅Π»Π΅ΠΌ

НаличиС эксплойта

Π”Π°Π½Π½Ρ‹Π΅ ΡƒΡ‚ΠΎΡ‡Π½ΡΡŽΡ‚ΡΡ

Π˜Π½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡ ΠΎΠ± устранСнии

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ устранСна

Бсылки Π½Π° источники

Π˜Π΄Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ‚ΠΎΡ€Ρ‹ Π΄Ρ€ΡƒΠ³ΠΈΡ… систСм описаний уязвимостСй

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 11%
0.00036
Низкий

4.3 Medium

CVSS3

5 Medium

CVSS2

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-43438

CVSS3: 4.3
ubuntu
5 мСсяцСв Π½Π°Π·Π°Π΄

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash.

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-43438

CVSS3: 8.8
redhat
26 Π΄Π½Π΅ΠΉ Π½Π°Π·Π°Π΄

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-43438

CVSS3: 4.3
nvd
5 мСсяцСв Π½Π°Π·Π°Π΄

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-43438

CVSS3: 4.3
debian
5 мСсяцСв Π½Π°Π·Π°Π΄

A use-after-free issue was addressed with improved memory management. ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-h3q9-mrw5-m795

CVSS3: 4.3
github
5 мСсяцСв Π½Π°Π·Π°Π΄

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 11%
0.00036
Низкий

4.3 Medium

CVSS3

5 Medium

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ BDU:2025-13931