VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-t3ky-uwu7-u7cw

Essentials
Severities (47)
References (32)
Severity details (18)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-t3ky-uwu7-u7cw
Aliases	CVE-2025-31257
Summary	This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-416

Use After Free

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31257.json
epss	0.00033	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2025-31257
cvssv3.1	4.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux	High	https://security.archlinux.org/AVG-2863
archlinux	High	https://security.archlinux.org/AVG-2864
archlinux	High	https://security.archlinux.org/AVG-2865
archlinux	High	https://security.archlinux.org/AVG-2866
cvssv3.1	4.7	https://support.apple.com/en-us/122404
ssvc	Track	https://support.apple.com/en-us/122404
cvssv3.1	4.7	https://support.apple.com/en-us/122716
ssvc	Track	https://support.apple.com/en-us/122716
cvssv3.1	4.7	https://support.apple.com/en-us/122719
ssvc	Track	https://support.apple.com/en-us/122719
cvssv3.1	4.7	https://support.apple.com/en-us/122720
ssvc	Track	https://support.apple.com/en-us/122720
cvssv3.1	4.7	https://support.apple.com/en-us/122721
ssvc	Track	https://support.apple.com/en-us/122721
cvssv3.1	4.7	https://support.apple.com/en-us/122722
ssvc	Track	https://support.apple.com/en-us/122722

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31257.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-31257
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31257
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://support.apple.com/en-us/122404
		https://support.apple.com/en-us/122716
		https://support.apple.com/en-us/122719
		https://support.apple.com/en-us/122720
		https://support.apple.com/en-us/122721
		https://support.apple.com/en-us/122722
2366504		https://bugzilla.redhat.com/show_bug.cgi?id=2366504
AVG-2863		https://security.archlinux.org/AVG-2863
AVG-2864		https://security.archlinux.org/AVG-2864
AVG-2865		https://security.archlinux.org/AVG-2865
AVG-2866		https://security.archlinux.org/AVG-2866
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2025-31257		https://nvd.nist.gov/vuln/detail/CVE-2025-31257
RHSA-2025:7995		https://access.redhat.com/errata/RHSA-2025:7995
RHSA-2025:8046		https://access.redhat.com/errata/RHSA-2025:8046
RHSA-2025:8530		https://access.redhat.com/errata/RHSA-2025:8530
RHSA-2025:8532		https://access.redhat.com/errata/RHSA-2025:8532
RHSA-2025:8533		https://access.redhat.com/errata/RHSA-2025:8533
RHSA-2025:8534		https://access.redhat.com/errata/RHSA-2025:8534
RHSA-2025:8541		https://access.redhat.com/errata/RHSA-2025:8541
RHSA-2025:8600		https://access.redhat.com/errata/RHSA-2025:8600
USN-7566-1		https://usn.ubuntu.com/7566-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31257.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://support.apple.com/en-us/122404

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T15:31:38Z/ Found at https://support.apple.com/en-us/122404

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://support.apple.com/en-us/122716

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T15:31:38Z/ Found at https://support.apple.com/en-us/122716

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://support.apple.com/en-us/122719

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T15:31:38Z/ Found at https://support.apple.com/en-us/122719

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://support.apple.com/en-us/122720

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T15:31:38Z/ Found at https://support.apple.com/en-us/122720

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://support.apple.com/en-us/122721

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T15:31:38Z/ Found at https://support.apple.com/en-us/122721

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://support.apple.com/en-us/122722

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T15:31:38Z/ Found at https://support.apple.com/en-us/122722

Exploit Prediction Scoring System (EPSS)

Percentile	0.08087
EPSS Score	0.00033
Published At	May 13, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-05-13T07:22:59.937565+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2025-31257	36.0.0