CVE-2025-24149

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.apple.com/en-us/122066", "name": "https://support.apple.com/en-us/122066", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122067", "name": "https://support.apple.com/en-us/122067", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122068", "name": "https://support.apple.com/en-us/122068", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122069", "name": "https://support.apple.com/en-us/122069", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122070", "name": "https://support.apple.com/en-us/122070", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122071", "name": "https://support.apple.com/en-us/122071", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122072", "name": "https://support.apple.com/en-us/122072", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122073", "name": "https://support.apple.com/en-us/122073", "tags": ["Release Notes", "Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-125"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-24149", "ASSIGNER": "product-security@apple.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2025-01-27T22:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.3"}, {"cpe23Uri": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.3"}, {"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "14.7.3", "versionStartIncluding": "14.0"}, {"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "13.7.3"}, {"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "11.3"}, {"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.3"}, {"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.7.4"}, {"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.3", "versionStartIncluding": "18.0"}, {"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "15.3", "versionStartIncluding": "15.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-24T18:15Z"}