CVE-2025-24143
published 2025-01-27CVE-2025-24143: The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_18.3_and_ipados | — | — |
| apple | ios_and_ipados | < 18.3 | 18.3 |
| apple | ipados | < 18.3 | 18.3 |
| apple | macos | < 15.3 | 15.3 |
| apple | macos_sequoia | — | — |
| apple | safari | < 18.3 | 18.3 |
| apple | safari | — | — |
| apple | visionos | < 2.3 | 2.3 |
| apple | visionos | — | — |
| debian | webkit2gtk | < webkit2gtk 2.46.6-1~deb12u1 (bookworm) | webkit2gtk 2.46.6-1~deb12u1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.46.6-1~deb12u1 (bookworm) | webkit2gtk 2.46.6-1~deb12u1 (bookworm) |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv6.5MEDIUM