CVE-2025-24115

Sažetak

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to read files outside of its sandbox.

Reference

https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122069
https://support.apple.com/en-us/122070
http://seclists.org/fulldisclosure/2025/Jan/15
http://seclists.org/fulldisclosure/2025/Jan/16
http://seclists.org/fulldisclosure/2025/Jan/17

CVSS

Base:	6.3
Impact:	4.0
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Zadnje važnije ažuriranje

02-04-2026 - 19:19

Objavljeno

27-01-2025 - 22:15