CVE-2025-43266

Опубликовано: 30 июл. 2025

Источник: nvd

CVSS3: 5.1

EPSS Низкий

Описание

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.

Ссылки

https://support.apple.com/en-us/124149
Release Notes
Vendor Advisory
https://support.apple.com/en-us/124150
Release Notes
Vendor Advisory
https://support.apple.com/en-us/124151
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2025/Jul/32
http://seclists.org/fulldisclosure/2025/Jul/33
http://seclists.org/fulldisclosure/2025/Jul/34

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.7 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.7 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.6 (исключая)

EPSS

Процентиль: 2%

0.00013

Низкий

5.1 Medium

CVSS3

Дефекты

CWE-732

Связанные уязвимости

GHSA-jgr8-94f3-hp4c

CVSS3: 5.1

github

6 месяцев назад

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.

EPSS

Процентиль: 2%

0.00013

Низкий

5.1 Medium

CVSS3

Дефекты

CWE-732