CVE-2025-43275

Опубликовано: 30 июл. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.

Ссылки

https://support.apple.com/en-us/124149
Release Notes
Vendor Advisory
https://support.apple.com/en-us/124150
Release Notes
Vendor Advisory
https://support.apple.com/en-us/124151
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2025/Jul/32
http://seclists.org/fulldisclosure/2025/Jul/33
http://seclists.org/fulldisclosure/2025/Jul/34

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.7 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.7 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.6 (исключая)

EPSS

Процентиль: 21%

0.0007

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-362

Связанные уязвимости

GHSA-crj5-hvmf-x76c

CVSS3: 9.8

github

6 месяцев назад

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.

EPSS

Процентиль: 21%

0.0007

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-362