VDB
CISA-2025-24210
CISA-2025-24210
PUBLISHED
CVSS 5.5 MEDIUM
Reported by apple · Published March 31, 2025
A logic error was addressed with improved error handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Parsing an image may lead to disclosure of user information.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | tvOS | unspecified |
| Apple | iOS and iPadOS | unspecified |
| Apple | iPadOS | unspecified |
| Apple | macOS | unspecified |
| Apple | visionOS | unspecified |
| Apple | macOS | unspecified |
| Apple | macOS | unspecified |
| Apple | visionOS | unspecified, unspecified |
| Apple | tvOS | unspecified, unspecified |
| Apple | iPadOS | *, * |
| Apple | macOS | unspecified, unspecified, unspecified |
| Apple | iOS and iPadOS | *, * |
Timeline
- Mar 31, 2025 CVE Published
- Nov 3, 2025 CVE Updated
References
- http://seclists.org/fulldisclosure/2025/Apr/13 url
- http://seclists.org/fulldisclosure/2025/Apr/10 url
- http://seclists.org/fulldisclosure/2025/Apr/9 url
- http://seclists.org/fulldisclosure/2025/Apr/8 url
- http://seclists.org/fulldisclosure/2025/Apr/5 url
- http://seclists.org/fulldisclosure/2025/Apr/4 url
- http://seclists.org/fulldisclosure/2025/Apr/12 url
- http://seclists.org/fulldisclosure/2025/Apr/11 url