6.3

CVE-2025-43400

Medienbericht

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, macOS Sequoia 15.7.1, visionOS 26.0.1, iOS 26.0.1 and iPadOS 26.0.1, iOS 18.7.1 and iPadOS 18.7.1. Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPadOS Version < 18.7.1
AppleiPadOS Version26.0
AppleiPhone OS Version < 18.7.1
AppleiPhone OS Version26.0
ApplemacOS Version >= 14.0 < 14.8.1
ApplemacOS Version >= 15.0 < 15.7.1
ApplemacOS Version26.0
ApplevisionOS Version < 26.0.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.06% 0.178
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.3 2.8 3.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://support.apple.com/en-us/125326
Vendor Advisory
Release Notes
https://support.apple.com/en-us/125327
Vendor Advisory
Release Notes
https://support.apple.com/en-us/125328
Vendor Advisory
Release Notes
https://support.apple.com/en-us/125329
Vendor Advisory
Release Notes
https://support.apple.com/en-us/125330
Vendor Advisory
Release Notes
https://support.apple.com/en-us/125338
Vendor Advisory
Release Notes