Input Validation Vulnerability in Safari Affecting Apple Devices
CVE-2025-31217

6.5MEDIUM

Key Information:

Vendor

Apple

Vendor
CVE Published:
12 May 2025

What is CVE-2025-31217?

An input validation vulnerability in Safari could allow attackers to exploit improperly handled web content, potentially resulting in unexpected crashes of the application. This may lead to user disruption and data exposure. Apple has addressed this issue in multiple updates across its device operating systems, enhancing security measures to prevent exploitation.

Affected Version(s)

iOS and iPadOS < 18.5

iPadOS < 17.7

macOS < 15.5

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.