CVE-2025-30454
published 2025-03-31CVE-2025-30454: A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. A malicious app may be able to access private information.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_18.4_and_ipados | — | — |
| apple | ios_and_ipados | < 18.4 | 18.4 |
| apple | ipados | < 18.4 | 18.4 |
| apple | iphone_os | < 18.4 | 18.4 |
| apple | macos | < 14.7.5 | 14.7.5 |
| apple | macos | < 15.4 | 15.4 |
| apple | macos | >= 14.0 < 14.7.5 | 14.7.5 |
| apple | macos | >= 15.0 < 15.4 | 15.4 |
| apple | macos_sequoia | — | — |
| apple | macos_sonoma | — | — |
| apple | tvos | < 18.4 | 18.4 |
| apple | tvos | — | — |
| apple | watchos | < 11.4 | 11.4 |
| apple | watchos | — | — |