Search for vulnerabilities
Vulnerability details: VCID-2zmm-ts7g-auhs
Vulnerability ID VCID-2zmm-ts7g-auhs
Aliases CVE-2025-43211
Summary The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-770 Allocation of Resources Without Limits or Throttling
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43211.json
epss 0.00012 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00012 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00012 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00012 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
epss 0.00024 https://api.first.org/data/v1/epss?cve=CVE-2025-43211
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.2 https://support.apple.com/en-us/124147
ssvc Track https://support.apple.com/en-us/124147
cvssv3.1 6.2 https://support.apple.com/en-us/124148
ssvc Track https://support.apple.com/en-us/124148
cvssv3.1 6.2 https://support.apple.com/en-us/124149
ssvc Track https://support.apple.com/en-us/124149
cvssv3.1 6.2 https://support.apple.com/en-us/124152
ssvc Track https://support.apple.com/en-us/124152
cvssv3.1 6.2 https://support.apple.com/en-us/124153
ssvc Track https://support.apple.com/en-us/124153
cvssv3.1 6.2 https://support.apple.com/en-us/124154
ssvc Track https://support.apple.com/en-us/124154
cvssv3.1 6.2 https://support.apple.com/en-us/124155
ssvc Track https://support.apple.com/en-us/124155
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43211.json
https://api.first.org/data/v1/epss?cve=CVE-2025-43211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43211
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
124147 https://support.apple.com/en-us/124147
124148 https://support.apple.com/en-us/124148
124149 https://support.apple.com/en-us/124149
124152 https://support.apple.com/en-us/124152
124153 https://support.apple.com/en-us/124153
124154 https://support.apple.com/en-us/124154
124155 https://support.apple.com/en-us/124155
2386270 https://bugzilla.redhat.com/show_bug.cgi?id=2386270
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2025-43211 https://nvd.nist.gov/vuln/detail/CVE-2025-43211
RHSA-2025:13780 https://access.redhat.com/errata/RHSA-2025:13780
RHSA-2025:13782 https://access.redhat.com/errata/RHSA-2025:13782
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43211.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124147
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124147
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124148
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124148
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124149
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124149
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124152
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124152
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124153
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124153
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124154
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124154
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/124155
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T18:06:53Z/ Found at https://support.apple.com/en-us/124155
Exploit Prediction Scoring System (EPSS)
Percentile 0.01158
EPSS Score 0.00012
Published At July 31, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:18:06.598783+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2025/43xxx/CVE-2025-43211.json 37.0.0