Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-7424 (GCVE-0-2025-7424)
Vulnerability from cvelistv5
Published
2025-07-10 14:05
Modified
2025-08-27 18:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Summary
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2025-7424 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2379228 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T14:19:10.293861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T14:19:18.343Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Ivan Fratric (Google Project Zero) for reporting this issue."
}
],
"datePublic": "2025-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T18:07:23.374Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-7424"
},
{
"name": "RHBZ#2379228",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379228"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-10T08:34:02.563000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-07-10T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-7424",
"datePublished": "2025-07-10T14:05:41.808Z",
"dateReserved": "2025-07-10T08:43:48.349Z",
"dateUpdated": "2025-08-27T18:07:23.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-7424\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-07-10T14:15:27.573\",\"lastModified\":\"2025-08-27T18:00:52.190\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en la librer\u00eda libxslt. El mismo campo de memoria, psvi, se utiliza tanto para la hoja de estilo como para los datos de entrada, lo que puede provocar confusi\u00f3n de tipos durante las transformaciones XML. Esta vulnerabilidad permite a un atacante bloquear la aplicaci\u00f3n o corromper la memoria. En algunos casos, puede provocar una denegaci\u00f3n de servicio o un comportamiento inesperado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.4,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-843\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xmlsoft:libxslt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2D94647-6F9E-40A3-8BDF-980A6D71E6E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-7424\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2379228\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-7424\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-10T14:19:10.293861Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-10T14:19:15.187Z\"}}], \"cna\": {\"title\": \"Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Ivan Fratric (Google Project Zero) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"libxslt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libxslt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"libxslt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"libxslt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"libxslt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-07-10T08:34:02.563000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-07-10T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-07-10T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-7424\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2379228\", \"name\": \"RHBZ#2379228\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-843\", \"description\": \"Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-08-27T18:07:23.374Z\"}, \"x_redhatCweChain\": \"CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-7424\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-27T18:07:23.374Z\", \"dateReserved\": \"2025-07-10T08:43:48.349Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-07-10T14:05:41.808Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
ncsc-2025-0238
Vulnerability from csaf_ncscnl
Published
2025-07-30 13:02
Modified
2025-07-30 13:02
Summary
Kwetsbaarheden verholpen in Apple macOS, iOS en iPadOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apple heeft kwetsbaarheden verholpen in macOS, iOS en iPadOS.
Interpretaties
De kwetsbaarheden omvatten verschillende problemen, zoals onvoldoende validatie van invoer, geheugenbeschadiging, en logica-issues die kunnen leiden tot ongeautoriseerde toegang tot gevoelige gebruikersdata. Deze kwetsbaarheden kunnen door kwaadwillenden worden misbruikt om root-rechten te verkrijgen, applicaties te laten crashen, of om toegang te krijgen tot beschermde systeemcomponenten.
Oplossingen
Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-416
Use After Free
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Apple heeft kwetsbaarheden verholpen in macOS, iOS en iPadOS.\n\n",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten verschillende problemen, zoals onvoldoende validatie van invoer, geheugenbeschadiging, en logica-issues die kunnen leiden tot ongeautoriseerde toegang tot gevoelige gebruikersdata. Deze kwetsbaarheden kunnen door kwaadwillenden worden misbruikt om root-rechten te verkrijgen, applicaties te laten crashen, of om toegang te krijgen tot beschermde systeemcomponenten. ",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124147"
},
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124149"
},
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124150"
},
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124151"
},
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124153"
},
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124154"
},
{
"category": "external",
"summary": "Reference",
"url": "https://support.apple.com/en-us/124155"
}
],
"title": "Kwetsbaarheden verholpen in Apple macOS, iOS en iPadOS",
"tracking": {
"current_release_date": "2025-07-30T13:02:51.663320Z",
"generator": {
"date": "2025-06-05T14:45:00Z",
"engine": {
"name": "V.A.",
"version": "1.1"
}
},
"id": "NCSC-2025-0238",
"initial_release_date": "2025-07-30T13:02:51.663320Z",
"revision_history": [
{
"date": "2025-07-30T13:02:51.663320Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/unspecified|\u003c15.6",
"product": {
"name": "vers:unknown/unspecified|\u003c15.6",
"product_id": "CSAFPID-1914575"
}
}
],
"category": "product_name",
"name": "macOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/14.7.7",
"product": {
"name": "vers:apple/14.7.7",
"product_id": "CSAFPID-3011581"
}
}
],
"category": "product_name",
"name": "macOS Sonoma"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/13.7.7",
"product": {
"name": "vers:apple/13.7.7",
"product_id": "CSAFPID-3011580"
}
}
],
"category": "product_name",
"name": "macOS Ventura"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/unknown",
"product": {
"name": "vers:apple/unknown",
"product_id": "CSAFPID-1432304"
}
}
],
"category": "product_name",
"name": "macOS Sequoia"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/17.7.9",
"product": {
"name": "vers:apple/17.7.9",
"product_id": "CSAFPID-3011582"
}
}
],
"category": "product_name",
"name": "iPadOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:apple/18.6",
"product": {
"name": "vers:apple/18.6",
"product_id": "CSAFPID-3011583"
}
}
],
"category": "product_name",
"name": "iOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/unspecified|\u003c18.6",
"product": {
"name": "vers:unknown/unspecified|\u003c18.6",
"product_id": "CSAFPID-3012712"
}
}
],
"category": "product_name",
"name": "iOS and iPadOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-43187",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43187 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43187.json"
}
],
"title": "CVE-2025-43187"
},
{
"cve": "CVE-2025-43188",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43188 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43188.json"
}
],
"title": "CVE-2025-43188"
},
{
"cve": "CVE-2025-43189",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43189 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43189.json"
}
],
"title": "CVE-2025-43189"
},
{
"cve": "CVE-2025-43191",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43191 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43191.json"
}
],
"title": "CVE-2025-43191"
},
{
"cve": "CVE-2025-43192",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43192 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43192.json"
}
],
"title": "CVE-2025-43192"
},
{
"cve": "CVE-2025-43193",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43193 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43193.json"
}
],
"title": "CVE-2025-43193"
},
{
"cve": "CVE-2025-43194",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43194 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43194.json"
}
],
"title": "CVE-2025-43194"
},
{
"cve": "CVE-2025-43195",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43195 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43195.json"
}
],
"title": "CVE-2025-43195"
},
{
"cve": "CVE-2025-43196",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43196 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43196.json"
}
],
"title": "CVE-2025-43196"
},
{
"cve": "CVE-2025-43197",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43197 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43197.json"
}
],
"title": "CVE-2025-43197"
},
{
"cve": "CVE-2025-43198",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43198 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43198.json"
}
],
"title": "CVE-2025-43198"
},
{
"cve": "CVE-2025-43199",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43199 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43199.json"
}
],
"title": "CVE-2025-43199"
},
{
"cve": "CVE-2025-43202",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43202 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43202.json"
}
],
"title": "CVE-2025-43202"
},
{
"cve": "CVE-2025-43206",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43206 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43206.json"
}
],
"title": "CVE-2025-43206"
},
{
"cve": "CVE-2025-43209",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43209 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43209.json"
}
],
"title": "CVE-2025-43209"
},
{
"cve": "CVE-2025-43210",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43210 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43210.json"
}
],
"title": "CVE-2025-43210"
},
{
"cve": "CVE-2025-43211",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43211 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43211.json"
}
],
"title": "CVE-2025-43211"
},
{
"cve": "CVE-2025-43212",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43212 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43212.json"
}
],
"title": "CVE-2025-43212"
},
{
"cve": "CVE-2025-43213",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43213 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43213.json"
}
],
"title": "CVE-2025-43213"
},
{
"cve": "CVE-2025-43214",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43214 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43214.json"
}
],
"title": "CVE-2025-43214"
},
{
"cve": "CVE-2025-43215",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43215 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43215.json"
}
],
"title": "CVE-2025-43215"
},
{
"cve": "CVE-2025-43216",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43216 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43216.json"
}
],
"title": "CVE-2025-43216"
},
{
"cve": "CVE-2025-43218",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43218 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43218.json"
}
],
"title": "CVE-2025-43218"
},
{
"cve": "CVE-2025-43219",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43219 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43219.json"
}
],
"title": "CVE-2025-43219"
},
{
"cve": "CVE-2025-43220",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43220 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43220.json"
}
],
"title": "CVE-2025-43220"
},
{
"cve": "CVE-2025-43221",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43221 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43221.json"
}
],
"title": "CVE-2025-43221"
},
{
"cve": "CVE-2025-43222",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43222 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43222.json"
}
],
"title": "CVE-2025-43222"
},
{
"cve": "CVE-2025-43223",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43223 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43223.json"
}
],
"title": "CVE-2025-43223"
},
{
"cve": "CVE-2025-43224",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43224 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43224.json"
}
],
"title": "CVE-2025-43224"
},
{
"cve": "CVE-2025-43225",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43225 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43225.json"
}
],
"title": "CVE-2025-43225"
},
{
"cve": "CVE-2025-43226",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43226 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43226.json"
}
],
"title": "CVE-2025-43226"
},
{
"cve": "CVE-2025-43227",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43227 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43227.json"
}
],
"title": "CVE-2025-43227"
},
{
"cve": "CVE-2025-43229",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43229 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43229.json"
}
],
"title": "CVE-2025-43229"
},
{
"cve": "CVE-2025-43230",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43230 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43230.json"
}
],
"title": "CVE-2025-43230"
},
{
"cve": "CVE-2025-43232",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43232 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43232.json"
}
],
"title": "CVE-2025-43232"
},
{
"cve": "CVE-2025-43273",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43273 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43273.json"
}
],
"title": "CVE-2025-43273"
},
{
"cve": "CVE-2025-43274",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43274 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43274.json"
}
],
"title": "CVE-2025-43274"
},
{
"cve": "CVE-2025-43275",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43275 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43275.json"
}
],
"title": "CVE-2025-43275"
},
{
"cve": "CVE-2025-43276",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43276 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43276.json"
}
],
"title": "CVE-2025-43276"
},
{
"cve": "CVE-2025-43277",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43277 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43277.json"
}
],
"title": "CVE-2025-43277"
},
{
"cve": "CVE-2025-6558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6558 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6558.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
}
],
"title": "CVE-2025-6558"
},
{
"cve": "CVE-2025-7424",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7424 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7424.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
}
],
"title": "CVE-2025-7424"
},
{
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7425 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
}
],
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2025-24188",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24188 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-24188.json"
}
],
"title": "CVE-2025-24188"
},
{
"cve": "CVE-2025-31243",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31243 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31243.json"
}
],
"title": "CVE-2025-31243"
},
{
"cve": "CVE-2025-31273",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31273 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31273.json"
}
],
"title": "CVE-2025-31273"
},
{
"cve": "CVE-2025-31275",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31275 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31275.json"
}
],
"title": "CVE-2025-31275"
},
{
"cve": "CVE-2025-31277",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31277 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31277.json"
}
],
"title": "CVE-2025-31277"
},
{
"cve": "CVE-2025-31278",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31278 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31278.json"
}
],
"title": "CVE-2025-31278"
},
{
"cve": "CVE-2025-31279",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31279 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31279.json"
}
],
"title": "CVE-2025-31279"
},
{
"cve": "CVE-2025-31280",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31280 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31280.json"
}
],
"title": "CVE-2025-31280"
},
{
"cve": "CVE-2025-31281",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31281 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31281.json"
}
],
"title": "CVE-2025-31281"
},
{
"cve": "CVE-2025-43185",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43185 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43185.json"
}
],
"title": "CVE-2025-43185"
},
{
"cve": "CVE-2025-43186",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43186 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43186.json"
}
],
"title": "CVE-2025-43186"
},
{
"cve": "CVE-2025-43233",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43233 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43233.json"
}
],
"title": "CVE-2025-43233"
},
{
"cve": "CVE-2025-43234",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43234 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43234.json"
}
],
"title": "CVE-2025-43234"
},
{
"cve": "CVE-2025-43235",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43235 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43235.json"
}
],
"title": "CVE-2025-43235"
},
{
"cve": "CVE-2025-43236",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43236 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43236.json"
}
],
"title": "CVE-2025-43236"
},
{
"cve": "CVE-2025-43237",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43237 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43237.json"
}
],
"title": "CVE-2025-43237"
},
{
"cve": "CVE-2025-43238",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43238 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43238.json"
}
],
"title": "CVE-2025-43238"
},
{
"cve": "CVE-2025-43239",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43239 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43239.json"
}
],
"title": "CVE-2025-43239"
},
{
"cve": "CVE-2025-43240",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43240 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43240.json"
}
],
"title": "CVE-2025-43240"
},
{
"cve": "CVE-2025-43241",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43241 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43241.json"
}
],
"title": "CVE-2025-43241"
},
{
"cve": "CVE-2025-43243",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43243 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43243.json"
}
],
"title": "CVE-2025-43243"
},
{
"cve": "CVE-2025-43244",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43244 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43244.json"
}
],
"title": "CVE-2025-43244"
},
{
"cve": "CVE-2025-43245",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43245 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43245.json"
}
],
"title": "CVE-2025-43245"
},
{
"cve": "CVE-2025-43246",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43246 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43246.json"
}
],
"title": "CVE-2025-43246"
},
{
"cve": "CVE-2025-43247",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43247 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43247.json"
}
],
"title": "CVE-2025-43247"
},
{
"cve": "CVE-2025-43248",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43248 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43248.json"
}
],
"title": "CVE-2025-43248"
},
{
"cve": "CVE-2025-43249",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43249 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43249.json"
}
],
"title": "CVE-2025-43249"
},
{
"cve": "CVE-2025-43250",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43250 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43250.json"
}
],
"title": "CVE-2025-43250"
},
{
"cve": "CVE-2025-43251",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43251 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43251.json"
}
],
"title": "CVE-2025-43251"
},
{
"cve": "CVE-2025-43252",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43252 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43252.json"
}
],
"title": "CVE-2025-43252"
},
{
"cve": "CVE-2025-43253",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43253 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43253.json"
}
],
"title": "CVE-2025-43253"
},
{
"cve": "CVE-2025-43254",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43254 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43254.json"
}
],
"title": "CVE-2025-43254"
},
{
"cve": "CVE-2025-43255",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43255 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43255.json"
}
],
"title": "CVE-2025-43255"
},
{
"cve": "CVE-2025-43256",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43256 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43256.json"
}
],
"title": "CVE-2025-43256"
},
{
"cve": "CVE-2025-43257",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43257 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43257.json"
}
],
"title": "CVE-2025-43257"
},
{
"cve": "CVE-2025-43259",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43259 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43259.json"
}
],
"title": "CVE-2025-43259"
},
{
"cve": "CVE-2025-43260",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43260 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43260.json"
}
],
"title": "CVE-2025-43260"
},
{
"cve": "CVE-2025-43261",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43261 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43261.json"
}
],
"title": "CVE-2025-43261"
},
{
"cve": "CVE-2025-43264",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43264 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43264.json"
}
],
"title": "CVE-2025-43264"
},
{
"cve": "CVE-2025-43265",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43265 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43265.json"
}
],
"title": "CVE-2025-43265"
},
{
"cve": "CVE-2025-43266",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43266 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43266.json"
}
],
"title": "CVE-2025-43266"
},
{
"cve": "CVE-2025-43267",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43267 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43267.json"
}
],
"title": "CVE-2025-43267"
},
{
"cve": "CVE-2025-43268",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43268 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43268.json"
}
],
"title": "CVE-2025-43268"
},
{
"cve": "CVE-2025-43270",
"product_status": {
"known_affected": [
"CSAFPID-1914575",
"CSAFPID-3011581",
"CSAFPID-3011580",
"CSAFPID-1432304",
"CSAFPID-3011582",
"CSAFPID-3011583",
"CSAFPID-3012712"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43270 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43270.json"
}
],
"title": "CVE-2025-43270"
}
]
}
fkie_cve-2025-7424
Vulnerability from fkie_nvd
Published
2025-07-10 14:15
Modified
2025-08-27 18:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2025-7424 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2379228 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xmlsoft | libxslt | - | |
| redhat | openshift_container_platform | 4.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxslt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D94647-6F9E-40A3-8BDF-980A6D71E6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en la librer\u00eda libxslt. El mismo campo de memoria, psvi, se utiliza tanto para la hoja de estilo como para los datos de entrada, lo que puede provocar confusi\u00f3n de tipos durante las transformaciones XML. Esta vulnerabilidad permite a un atacante bloquear la aplicaci\u00f3n o corromper la memoria. En algunos casos, puede provocar una denegaci\u00f3n de servicio o un comportamiento inesperado."
}
],
"id": "CVE-2025-7424",
"lastModified": "2025-08-27T18:00:52.190",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.8,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-10T14:15:27.573",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-7424"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379228"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
ghsa-w4gx-392p-5m58
Vulnerability from github
Published
2025-07-10 15:31
Modified
2025-07-10 15:31
Severity ?
VLAI Severity ?
Details
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.
{
"affected": [],
"aliases": [
"CVE-2025-7424"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-10T14:15:27Z",
"severity": "HIGH"
},
"details": "A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.",
"id": "GHSA-w4gx-392p-5m58",
"modified": "2025-07-10T15:31:28Z",
"published": "2025-07-10T15:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7424"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-7424"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379228"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
wid-sec-w-2025-1683
Vulnerability from csaf_certbund
Published
2025-07-30 22:00
Modified
2025-07-30 22:00
Summary
Apple Safari: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Safari ist der auf Apple Geräten eingesetzte Web Browser.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Apple Safari ausnutzen, um Informationen offenzulegen, um einen Denial of Service Angriff durchzuführen, um einen Cross-Site Scripting Angriff durchzuführen, und um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Safari ist der auf Apple Ger\u00e4ten eingesetzte Web Browser.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Apple Safari ausnutzen, um Informationen offenzulegen, um einen Denial of Service Angriff durchzuf\u00fchren, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, und um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1683 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1683.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1683 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1683"
},
{
"category": "external",
"summary": "Apple Safari Security Updates vom 2025-07-30",
"url": "https://support.apple.com/en-us/124152"
}
],
"source_lang": "en-US",
"title": "Apple Safari: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-30T22:00:00.000+00:00",
"generator": {
"date": "2025-07-31T08:14:35.387+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1683",
"initial_release_date": "2025-07-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c18.6",
"product": {
"name": "Apple Safari \u003c18.6",
"product_id": "T045768"
}
},
{
"category": "product_version",
"name": "18.6",
"product": {
"name": "Apple Safari 18.6",
"product_id": "T045768-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apple:safari:18.6"
}
}
}
],
"category": "product_name",
"name": "Safari"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24188",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-24188"
},
{
"cve": "CVE-2025-31273",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-31273"
},
{
"cve": "CVE-2025-31277",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-31277"
},
{
"cve": "CVE-2025-31278",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-31278"
},
{
"cve": "CVE-2025-43211",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43211"
},
{
"cve": "CVE-2025-43212",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43212"
},
{
"cve": "CVE-2025-43213",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43213"
},
{
"cve": "CVE-2025-43214",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43214"
},
{
"cve": "CVE-2025-43216",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43216"
},
{
"cve": "CVE-2025-43227",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43227"
},
{
"cve": "CVE-2025-43228",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43228"
},
{
"cve": "CVE-2025-43229",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43229"
},
{
"cve": "CVE-2025-43240",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43240"
},
{
"cve": "CVE-2025-43265",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-43265"
},
{
"cve": "CVE-2025-6558",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-6558"
},
{
"cve": "CVE-2025-7424",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-7424"
},
{
"cve": "CVE-2025-7425",
"product_status": {
"known_affected": [
"T045768"
]
},
"release_date": "2025-07-30T22:00:00.000+00:00",
"title": "CVE-2025-7425"
}
]
}
wid-sec-w-2025-1672
Vulnerability from csaf_certbund
Published
2025-07-29 22:00
Modified
2025-08-31 22:00
Summary
Apple macOS Sequoia, Sonoma und Ventura: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura ausnutzen, um Root-Rechte zu erlangen, beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen preiszugeben, Daten zu verändern oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- MacOS X
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura ausnutzen, um Root-Rechte zu erlangen, beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen preiszugeben, Daten zu ver\u00e4ndern oder Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1672 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1672.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1672 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1672"
},
{
"category": "external",
"summary": "Apple Security Announce vom 2025-07-29",
"url": "https://support.apple.com/de-de/124149"
},
{
"category": "external",
"summary": "Apple Security Announce vom 2025-07-29",
"url": "https://support.apple.com/de-de/124150"
},
{
"category": "external",
"summary": "Apple Security Announce vom 2025-07-29",
"url": "https://support.apple.com/de-de/124151"
}
],
"source_lang": "en-US",
"title": "Apple macOS Sequoia, Sonoma und Ventura: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-31T22:00:00.000+00:00",
"generator": {
"date": "2025-09-01T07:11:14.282+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1672",
"initial_release_date": "2025-07-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "2",
"summary": "CVE-2025-43284 erg\u00e4nzt"
},
{
"date": "2025-08-31T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2025-26254, EUVD-2025-26255, EUVD-2025-26196"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Sequoia \u003c15.6",
"product": {
"name": "Apple macOS Sequoia \u003c15.6",
"product_id": "T045718"
}
},
{
"category": "product_version",
"name": "Sequoia 15.6",
"product": {
"name": "Apple macOS Sequoia 15.6",
"product_id": "T045718-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:sequoia__15.6"
}
}
},
{
"category": "product_version_range",
"name": "Sonoma \u003c14.7.7",
"product": {
"name": "Apple macOS Sonoma \u003c14.7.7",
"product_id": "T045719"
}
},
{
"category": "product_version",
"name": "Sonoma 14.7.7",
"product": {
"name": "Apple macOS Sonoma 14.7.7",
"product_id": "T045719-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:sonoma__14.7.7"
}
}
},
{
"category": "product_version_range",
"name": "Ventura \u003c13.7.7",
"product": {
"name": "Apple macOS Ventura \u003c13.7.7",
"product_id": "T045720"
}
},
{
"category": "product_version",
"name": "Ventura 13.7.7",
"product": {
"name": "Apple macOS Ventura 13.7.7",
"product_id": "T045720-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:ventura__13.7.7"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24119",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-24119"
},
{
"cve": "CVE-2025-24188",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-24188"
},
{
"cve": "CVE-2025-24224",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-24224"
},
{
"cve": "CVE-2025-31243",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31243"
},
{
"cve": "CVE-2025-31273",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31273"
},
{
"cve": "CVE-2025-31275",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31275"
},
{
"cve": "CVE-2025-31277",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31277"
},
{
"cve": "CVE-2025-31278",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31278"
},
{
"cve": "CVE-2025-31279",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31279"
},
{
"cve": "CVE-2025-31280",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31280"
},
{
"cve": "CVE-2025-31281",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-31281"
},
{
"cve": "CVE-2025-43184",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43184"
},
{
"cve": "CVE-2025-43185",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43185"
},
{
"cve": "CVE-2025-43186",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43186"
},
{
"cve": "CVE-2025-43187",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43187"
},
{
"cve": "CVE-2025-43188",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43188"
},
{
"cve": "CVE-2025-43189",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43189"
},
{
"cve": "CVE-2025-43191",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43191"
},
{
"cve": "CVE-2025-43192",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43192"
},
{
"cve": "CVE-2025-43193",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43193"
},
{
"cve": "CVE-2025-43194",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43194"
},
{
"cve": "CVE-2025-43195",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43195"
},
{
"cve": "CVE-2025-43196",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43196"
},
{
"cve": "CVE-2025-43197",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43197"
},
{
"cve": "CVE-2025-43198",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43198"
},
{
"cve": "CVE-2025-43199",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43199"
},
{
"cve": "CVE-2025-43202",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43202"
},
{
"cve": "CVE-2025-43206",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43206"
},
{
"cve": "CVE-2025-43209",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43209"
},
{
"cve": "CVE-2025-43210",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43210"
},
{
"cve": "CVE-2025-43211",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43211"
},
{
"cve": "CVE-2025-43212",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43212"
},
{
"cve": "CVE-2025-43213",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43213"
},
{
"cve": "CVE-2025-43214",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43214"
},
{
"cve": "CVE-2025-43215",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43215"
},
{
"cve": "CVE-2025-43216",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43216"
},
{
"cve": "CVE-2025-43218",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43218"
},
{
"cve": "CVE-2025-43219",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43219"
},
{
"cve": "CVE-2025-43220",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43220"
},
{
"cve": "CVE-2025-43221",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43221"
},
{
"cve": "CVE-2025-43222",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43222"
},
{
"cve": "CVE-2025-43223",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43223"
},
{
"cve": "CVE-2025-43224",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43224"
},
{
"cve": "CVE-2025-43225",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43225"
},
{
"cve": "CVE-2025-43226",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43226"
},
{
"cve": "CVE-2025-43227",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43227"
},
{
"cve": "CVE-2025-43229",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43229"
},
{
"cve": "CVE-2025-43230",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43230"
},
{
"cve": "CVE-2025-43232",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43232"
},
{
"cve": "CVE-2025-43233",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43233"
},
{
"cve": "CVE-2025-43234",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43234"
},
{
"cve": "CVE-2025-43235",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43235"
},
{
"cve": "CVE-2025-43236",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43236"
},
{
"cve": "CVE-2025-43237",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43237"
},
{
"cve": "CVE-2025-43238",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43238"
},
{
"cve": "CVE-2025-43239",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43239"
},
{
"cve": "CVE-2025-43240",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43240"
},
{
"cve": "CVE-2025-43241",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43241"
},
{
"cve": "CVE-2025-43243",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43243"
},
{
"cve": "CVE-2025-43244",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43244"
},
{
"cve": "CVE-2025-43245",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43245"
},
{
"cve": "CVE-2025-43246",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43246"
},
{
"cve": "CVE-2025-43247",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43247"
},
{
"cve": "CVE-2025-43248",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43248"
},
{
"cve": "CVE-2025-43249",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43249"
},
{
"cve": "CVE-2025-43250",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43250"
},
{
"cve": "CVE-2025-43251",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43251"
},
{
"cve": "CVE-2025-43252",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43252"
},
{
"cve": "CVE-2025-43253",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43253"
},
{
"cve": "CVE-2025-43254",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43254"
},
{
"cve": "CVE-2025-43255",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43255"
},
{
"cve": "CVE-2025-43256",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43256"
},
{
"cve": "CVE-2025-43257",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43257"
},
{
"cve": "CVE-2025-43259",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43259"
},
{
"cve": "CVE-2025-43260",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43260"
},
{
"cve": "CVE-2025-43261",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43261"
},
{
"cve": "CVE-2025-43264",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43264"
},
{
"cve": "CVE-2025-43265",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43265"
},
{
"cve": "CVE-2025-43266",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43266"
},
{
"cve": "CVE-2025-43267",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43267"
},
{
"cve": "CVE-2025-43268",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43268"
},
{
"cve": "CVE-2025-43270",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43270"
},
{
"cve": "CVE-2025-43273",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43273"
},
{
"cve": "CVE-2025-43274",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43274"
},
{
"cve": "CVE-2025-43275",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43275"
},
{
"cve": "CVE-2025-43276",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43276"
},
{
"cve": "CVE-2025-43277",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43277"
},
{
"cve": "CVE-2025-43284",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-43284"
},
{
"cve": "CVE-2025-6558",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-6558"
},
{
"cve": "CVE-2025-7424",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-7424"
},
{
"cve": "CVE-2025-7425",
"product_status": {
"known_affected": [
"T045720",
"T045718",
"T045719"
]
},
"release_date": "2025-07-29T22:00:00.000+00:00",
"title": "CVE-2025-7425"
}
]
}
opensuse-su-2025:15364-1
Vulnerability from csaf_opensuse
Published
2025-07-20 00:00
Modified
2025-07-20 00:00
Summary
libexslt0-1.1.43-2.1 on GA media
Notes
Title of the patch
libexslt0-1.1.43-2.1 on GA media
Description of the patch
These are all security issues fixed in the libexslt0-1.1.43-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15364
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libexslt0-1.1.43-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libexslt0-1.1.43-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15364",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15364-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-7424 page",
"url": "https://www.suse.com/security/cve/CVE-2025-7424/"
}
],
"title": "libexslt0-1.1.43-2.1 on GA media",
"tracking": {
"current_release_date": "2025-07-20T00:00:00Z",
"generator": {
"date": "2025-07-20T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15364-1",
"initial_release_date": "2025-07-20T00:00:00Z",
"revision_history": [
{
"date": "2025-07-20T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexslt0-1.1.43-2.1.aarch64",
"product": {
"name": "libexslt0-1.1.43-2.1.aarch64",
"product_id": "libexslt0-1.1.43-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxslt-devel-1.1.43-2.1.aarch64",
"product": {
"name": "libxslt-devel-1.1.43-2.1.aarch64",
"product_id": "libxslt-devel-1.1.43-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxslt-devel-32bit-1.1.43-2.1.aarch64",
"product": {
"name": "libxslt-devel-32bit-1.1.43-2.1.aarch64",
"product_id": "libxslt-devel-32bit-1.1.43-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxslt-tools-1.1.43-2.1.aarch64",
"product": {
"name": "libxslt-tools-1.1.43-2.1.aarch64",
"product_id": "libxslt-tools-1.1.43-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxslt1-1.1.43-2.1.aarch64",
"product": {
"name": "libxslt1-1.1.43-2.1.aarch64",
"product_id": "libxslt1-1.1.43-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxslt1-32bit-1.1.43-2.1.aarch64",
"product": {
"name": "libxslt1-32bit-1.1.43-2.1.aarch64",
"product_id": "libxslt1-32bit-1.1.43-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexslt0-1.1.43-2.1.ppc64le",
"product": {
"name": "libexslt0-1.1.43-2.1.ppc64le",
"product_id": "libexslt0-1.1.43-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxslt-devel-1.1.43-2.1.ppc64le",
"product": {
"name": "libxslt-devel-1.1.43-2.1.ppc64le",
"product_id": "libxslt-devel-1.1.43-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxslt-devel-32bit-1.1.43-2.1.ppc64le",
"product": {
"name": "libxslt-devel-32bit-1.1.43-2.1.ppc64le",
"product_id": "libxslt-devel-32bit-1.1.43-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxslt-tools-1.1.43-2.1.ppc64le",
"product": {
"name": "libxslt-tools-1.1.43-2.1.ppc64le",
"product_id": "libxslt-tools-1.1.43-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxslt1-1.1.43-2.1.ppc64le",
"product": {
"name": "libxslt1-1.1.43-2.1.ppc64le",
"product_id": "libxslt1-1.1.43-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxslt1-32bit-1.1.43-2.1.ppc64le",
"product": {
"name": "libxslt1-32bit-1.1.43-2.1.ppc64le",
"product_id": "libxslt1-32bit-1.1.43-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libexslt0-1.1.43-2.1.s390x",
"product": {
"name": "libexslt0-1.1.43-2.1.s390x",
"product_id": "libexslt0-1.1.43-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxslt-devel-1.1.43-2.1.s390x",
"product": {
"name": "libxslt-devel-1.1.43-2.1.s390x",
"product_id": "libxslt-devel-1.1.43-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxslt-devel-32bit-1.1.43-2.1.s390x",
"product": {
"name": "libxslt-devel-32bit-1.1.43-2.1.s390x",
"product_id": "libxslt-devel-32bit-1.1.43-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxslt-tools-1.1.43-2.1.s390x",
"product": {
"name": "libxslt-tools-1.1.43-2.1.s390x",
"product_id": "libxslt-tools-1.1.43-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxslt1-1.1.43-2.1.s390x",
"product": {
"name": "libxslt1-1.1.43-2.1.s390x",
"product_id": "libxslt1-1.1.43-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxslt1-32bit-1.1.43-2.1.s390x",
"product": {
"name": "libxslt1-32bit-1.1.43-2.1.s390x",
"product_id": "libxslt1-32bit-1.1.43-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexslt0-1.1.43-2.1.x86_64",
"product": {
"name": "libexslt0-1.1.43-2.1.x86_64",
"product_id": "libexslt0-1.1.43-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxslt-devel-1.1.43-2.1.x86_64",
"product": {
"name": "libxslt-devel-1.1.43-2.1.x86_64",
"product_id": "libxslt-devel-1.1.43-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxslt-devel-32bit-1.1.43-2.1.x86_64",
"product": {
"name": "libxslt-devel-32bit-1.1.43-2.1.x86_64",
"product_id": "libxslt-devel-32bit-1.1.43-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxslt-tools-1.1.43-2.1.x86_64",
"product": {
"name": "libxslt-tools-1.1.43-2.1.x86_64",
"product_id": "libxslt-tools-1.1.43-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxslt1-1.1.43-2.1.x86_64",
"product": {
"name": "libxslt1-1.1.43-2.1.x86_64",
"product_id": "libxslt1-1.1.43-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxslt1-32bit-1.1.43-2.1.x86_64",
"product": {
"name": "libxslt1-32bit-1.1.43-2.1.x86_64",
"product_id": "libxslt1-32bit-1.1.43-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexslt0-1.1.43-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexslt0-1.1.43-2.1.aarch64"
},
"product_reference": "libexslt0-1.1.43-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexslt0-1.1.43-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexslt0-1.1.43-2.1.ppc64le"
},
"product_reference": "libexslt0-1.1.43-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexslt0-1.1.43-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexslt0-1.1.43-2.1.s390x"
},
"product_reference": "libexslt0-1.1.43-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexslt0-1.1.43-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexslt0-1.1.43-2.1.x86_64"
},
"product_reference": "libexslt0-1.1.43-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-1.1.43-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.aarch64"
},
"product_reference": "libxslt-devel-1.1.43-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-1.1.43-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.ppc64le"
},
"product_reference": "libxslt-devel-1.1.43-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-1.1.43-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.s390x"
},
"product_reference": "libxslt-devel-1.1.43-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-1.1.43-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.x86_64"
},
"product_reference": "libxslt-devel-1.1.43-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-32bit-1.1.43-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.aarch64"
},
"product_reference": "libxslt-devel-32bit-1.1.43-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-32bit-1.1.43-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.ppc64le"
},
"product_reference": "libxslt-devel-32bit-1.1.43-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-32bit-1.1.43-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.s390x"
},
"product_reference": "libxslt-devel-32bit-1.1.43-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-devel-32bit-1.1.43-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.x86_64"
},
"product_reference": "libxslt-devel-32bit-1.1.43-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-tools-1.1.43-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.aarch64"
},
"product_reference": "libxslt-tools-1.1.43-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-tools-1.1.43-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.ppc64le"
},
"product_reference": "libxslt-tools-1.1.43-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-tools-1.1.43-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.s390x"
},
"product_reference": "libxslt-tools-1.1.43-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt-tools-1.1.43-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.x86_64"
},
"product_reference": "libxslt-tools-1.1.43-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-1.1.43-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-1.1.43-2.1.aarch64"
},
"product_reference": "libxslt1-1.1.43-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-1.1.43-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-1.1.43-2.1.ppc64le"
},
"product_reference": "libxslt1-1.1.43-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-1.1.43-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-1.1.43-2.1.s390x"
},
"product_reference": "libxslt1-1.1.43-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-1.1.43-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-1.1.43-2.1.x86_64"
},
"product_reference": "libxslt1-1.1.43-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-32bit-1.1.43-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.aarch64"
},
"product_reference": "libxslt1-32bit-1.1.43-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-32bit-1.1.43-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.ppc64le"
},
"product_reference": "libxslt1-32bit-1.1.43-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-32bit-1.1.43-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.s390x"
},
"product_reference": "libxslt1-32bit-1.1.43-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxslt1-32bit-1.1.43-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.x86_64"
},
"product_reference": "libxslt1-32bit-1.1.43-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-7424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-7424"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-7424",
"url": "https://www.suse.com/security/cve/CVE-2025-7424"
},
{
"category": "external",
"summary": "SUSE Bug 1246360 for CVE-2025-7424",
"url": "https://bugzilla.suse.com/1246360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libexslt0-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-devel-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-devel-32bit-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt-tools-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt1-1.1.43-2.1.x86_64",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.aarch64",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.ppc64le",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.s390x",
"openSUSE Tumbleweed:libxslt1-32bit-1.1.43-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-20T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-7424"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…