Use-After-Free Vulnerability in Apple Safari and Related Products
CVE-2025-30427

4.3MEDIUM

Key Information:

Vendor: Apple
Status: TV OS; iOS And iPad OS; iPad OS; Mac OS
Vendor: CVE Published:; 31 March 2025

Summary

A use-after-free vulnerability exists within Apple Safari and is associated with improper memory management. This vulnerability can be exploited through the processing of manipulated web content, potentially resulting in an unexpected crash of the Safari browser. Users of affected products, including iOS, iPadOS, tvOS, visionOS, and macOS, are advised to apply the latest updates to enhance security and mitigate risks associated with this flaw.

Affected Version(s)

iOS and iPadOS < 18.4

iPadOS < 17.7

macOS < 15.4

References

https://support.apple.com/en-us/122377

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122372

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Mar 22, 2025