exploitDog

CVE-2025-31198

Опубликовано: 29 мая 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A path handling issue was addressed with improved validation.

Ссылки

https://support.apple.com/en-us/122373
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122374
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122375
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.4 (исключая)

EPSS

Процентиль: 4%

0.00018

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-59

Связанные уязвимости

GHSA-xc75-cc6q-49fg

CVSS3: 5.5

github

8 месяцев назад

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A path handling issue was addressed with improved validation.

EPSS

Процентиль: 4%

0.00018

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-59