exploitDog

CVE-2025-43463

Опубликовано: 12 дек. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.3, macOS Tahoe 26.1, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.

Ссылки

https://support.apple.com/en-us/125634
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125887
Release Notes
Vendor Advisory
https://support.apple.com/en-us/125888
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 14.8.3 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 15.0 (включая) до 15.7.3 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 26.0 (включая) до 26.1 (исключая)

EPSS

Процентиль: 4%

0.00018

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-hg42-5fw6-5rj9

CVSS3: 5.5

github

около 2 месяцев назад

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.3, macOS Tahoe 26.1, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.

EPSS

Процентиль: 4%

0.00018

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-22

CWE-22