VDB
CISA-2025-31233
CISA-2025-31233
PUBLISHED
CVSS 6.3 MEDIUM
Reported by apple · Published May 12, 2025
The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Risk Scores
CVSS 3.1
6.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | tvOS | unspecified |
| Apple | macOS | unspecified |
| Apple | iPadOS | unspecified |
| Apple | iOS and iPadOS | unspecified |
| Apple | macOS | unspecified |
| Apple | visionOS | unspecified |
| Apple | watchOS | unspecified |
| Apple | macOS | unspecified |
| Apple | macOS | unspecified, unspecified, unspecified |
| Apple | tvOS | unspecified, unspecified |
| Apple | watchOS | unspecified, unspecified |
| Apple | visionOS | unspecified, unspecified |
| Apple | iOS and iPadOS | unspecified, unspecified |
| Apple | iPadOS | unspecified, unspecified |
Timeline
- May 12, 2025 CVE Published
- Nov 3, 2025 CVE Updated
References
- http://seclists.org/fulldisclosure/2025/May/12 url
- http://seclists.org/fulldisclosure/2025/May/11 url
- http://seclists.org/fulldisclosure/2025/May/9 url
- http://seclists.org/fulldisclosure/2025/May/8 url
- http://seclists.org/fulldisclosure/2025/May/7 url
- http://seclists.org/fulldisclosure/2025/May/6 url
- http://seclists.org/fulldisclosure/2025/May/5 url