CVE-2025-30440

Опубликовано: 12 мая 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to bypass ASLR.

Ссылки

https://support.apple.com/en-us/122716
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122717
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122718
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2025/May/7
http://seclists.org/fulldisclosure/2025/May/9

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.6 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.6 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.5 (исключая)

EPSS

Процентиль: 6%

0.00024

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-863

Связанные уязвимости

GHSA-cp2m-j67p-96qc

CVSS3: 5.5

github

9 месяцев назад

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to bypass ASLR.

EPSS

Процентиль: 6%

0.00024

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-863