CVE-2025-43240
published 2025-07-30CVE-2025-43240: A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be incorrectly associated.
medium6.2CVSS 3.1
AVLACLPRNUINSUCHINAN
A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be incorrectly associated.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 15.6 | 15.6 |
| apple | macos_sequoia | — | — |
| apple | safari | < 18.6 | 18.6 |
| apple | safari | — | — |
| debian | webkit2gtk | < webkit2gtk 2.48.5-1~deb12u1 (bookworm) | webkit2gtk 2.48.5-1~deb12u1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.48.5-1~deb12u1 (bookworm) | webkit2gtk 2.48.5-1~deb12u1 (bookworm) |
CVSS provenance
nvdv3.16.2MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv6.2MEDIUM