Use-After-Free Vulnerability in Apple Safari and Related Products
CVE-2025-30427

4.3MEDIUM

Key Information:

Vendor
Apple
Vendor
CVE Published:
31 March 2025

Summary

A use-after-free vulnerability exists within Apple Safari and is associated with improper memory management. This vulnerability can be exploited through the processing of manipulated web content, potentially resulting in an unexpected crash of the Safari browser. Users of affected products, including iOS, iPadOS, tvOS, visionOS, and macOS, are advised to apply the latest updates to enhance security and mitigate risks associated with this flaw.

Affected Version(s)

iOS and iPadOS < 18.4

iPadOS < 17.7

macOS < 15.4

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.