Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cpwx-wfp4-x368

Опубликовано: 21 авг. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 8.8

Описание

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Ссылки

EPSS

Процентиль: 76%
0.0097
Низкий

8.8 High

CVSS3

CVE ID

CVE-2025-43300

Дефекты

CWE-787

Связанные уязвимости

nvd логотип

CVE-2025-43300

CVSS3: 10
nvd
6 месяцев назад

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

fstec логотип

BDU:2025-10189

CVSS3: 8.8
fstec
6 месяцев назад

Уязвимость фреймворка для обработки изображений ImageIO операционных систем iOS, iPadOS, macOS, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 76%
0.0097
Низкий

8.8 High

CVSS3

CVE ID

CVE-2025-43300

Дефекты

CWE-787