CVE-2025-24277

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.apple.com/en-us/122373", "name": "https://support.apple.com/en-us/122373", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122374", "name": "https://support.apple.com/en-us/122374", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://support.apple.com/en-us/122375", "name": "https://support.apple.com/en-us/122375", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-24277", "ASSIGNER": "product-security@apple.com"}}, "impact": {}, "publishedDate": "2025-03-31T23:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "13.7.5", "versionStartIncluding": "13.0"}, {"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "14.7.5", "versionStartIncluding": "14.0"}, {"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "15.4", "versionStartIncluding": "15.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-04-04T19:49Z"}