exploitDog

CVE-2025-31248

Опубликовано: 21 нояб. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data.

Ссылки

https://support.apple.com/en-us/122069
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122070
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122716
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.3 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.3 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.5 (исключая)

EPSS

Процентиль: 5%

0.00021

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-ph6x-4x3p-j2mg

CVSS3: 5.5

github

3 месяца назад

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data.

EPSS

Процентиль: 5%

0.00021

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-22