CVE-2025-43457

Опубликовано: 04 нояб. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Ссылки

https://support.apple.com/en-us/125632
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125634
https://support.apple.com/en-us/125638
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125639
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125640
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Версия до 26.1 (исключая)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия до 26.1 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 26.1 (исключая)

cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

Версия до 26.1 (исключая)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Версия до 26.1 (исключая)

EPSS

Процентиль: 16%

0.00051

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-416

Связанные уязвимости

GHSA-9c63-94gf-85h2

CVSS3: 6.5

github

3 месяца назад

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash.

EPSS

Процентиль: 16%

0.00051

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-416