CVE-2025-31189

Опубликовано: 29 мая 2025

Источник: nvd

CVSS3: 8.2

EPSS Низкий

Описание

A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.

Ссылки

https://support.apple.com/en-us/122373
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122374
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122375
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.4 (исключая)

EPSS

Процентиль: 1%

0.00011

Низкий

8.2 High

CVSS3

Дефекты

CWE-693

Связанные уязвимости

GHSA-g8qx-492c-9982

CVSS3: 8.2

github

8 месяцев назад

A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.

EPSS

Процентиль: 1%

0.00011

Низкий

8.2 High

CVSS3

Дефекты

CWE-693