CVE-2025-43250

Опубликовано: 30 июл. 2025

Источник: nvd

CVSS3: 4

EPSS Низкий

Описание

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.

Ссылки

https://support.apple.com/en-us/124149
Release Notes
Vendor Advisory
https://support.apple.com/en-us/124150
Release Notes
Vendor Advisory
https://support.apple.com/en-us/124151
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2025/Jul/32
http://seclists.org/fulldisclosure/2025/Jul/33
http://seclists.org/fulldisclosure/2025/Jul/34

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.7 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.7 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.6 (исключая)

EPSS

Процентиль: 5%

0.00022

Низкий

4 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-g8v4-9frj-vr9f

CVSS3: 4

github

6 месяцев назад

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.

EPSS

Процентиль: 5%

0.00022

Низкий

4 Medium

CVSS3

Дефекты

CWE-22