- Description
- The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-400
- Hype score
- Not currently trending
苹果指出,新释出的iOS 18.5特别针对CVE-2025-31251与CVE-2025-31233两个高风险漏洞进行修补。 https://t.co/IX7lCWUKAm #星洲日报 #sinchew
@SinChewPress
31 May 2025
513 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ZDI-25-304|CVE-2025-31251] Apple macOS JPEG Image Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability (CVSS 8.8; Credit: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative) https://t.co/82HSphVRKl
@TheZDIBugs
22 May 2025
2361 Impressions
6 Retweets
21 Likes
9 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Apple iOS/iPadOS Multiple Security Vulnerability Fixes 📅 Timeline: Disclosure: 2025-05-12, Patch: 2025-05-14 🆔 CVE ID: CVE-2025-31251 📊 Base Score: Not Available 📏 CVSS Metrics: Not Available cvssSeverity: High 🟠 📈 EPSS
@syedaquib77
14 May 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Five more vuls in macOS Sequoia 15.5/iOS 18.5 (some triggerable via Safari): https://t.co/qchKn8rGIv AppleJPEG: CVE-2025-31251: RCE CoreAudio: CVE-2025-31208: RCE CoreMedia: CVE-2025-31239: RCE CVE-2025-31233: RCE CoreGraphics: CVE-2025-31209: info disc
@minacrissDev_
14 May 2025
453 Impressions
2 Retweets
3 Likes
1 Bookmark
1 Reply
0 Quotes
Five more vuls in macOS Sequoia 15.5/iOS 18.5 (some triggerable via Safari): https://t.co/tzCoeVZl4u AppleJPEG: CVE-2025-31251: RCE CoreAudio: CVE-2025-31208: RCE CoreMedia: CVE-2025-31239: RCE CVE-2025-31233: RCE CoreGraphics: CVE-2025-31209: info disc
@hosselot
13 May 2025
6681 Impressions
20 Retweets
108 Likes
28 Bookmarks
3 Replies
0 Quotes
CVE-2025-31251 Arbitrary Code Execution in Apple Media Processing Across Multiple Operating Systems https://t.co/lYSQmpFsRw
@VulmonFeeds
13 May 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-31251 The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5… https://t.co/w3bsAtgPWw
@CVEnew
12 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "683ECAF8-DB29-40DB-963A-B95EA2A2AC01",
"versionEndExcluding": "17.7.7"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "069735D6-38B4-402A-9E79-1961701C9AD3",
"versionEndExcluding": "18.5",
"versionStartIncluding": "18.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653",
"versionEndExcluding": "18.5"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A90AA958-60F3-474C-B351-0F143B498B3E",
"versionEndExcluding": "13.7.6"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EE6D3FD-8A49-48CF-80A3-0FFC6BA80B99",
"versionEndExcluding": "14.7.6",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7416C76-07EC-4132-A509-E3F62B002CCA",
"versionEndExcluding": "15.5",
"versionStartIncluding": "15.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "519C8A39-A24E-44B7-B1E8-6EF647FEFCA8",
"versionEndExcluding": "18.5"
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "047CDCCE-04BB-4D43-9831-7694992C5CC4",
"versionEndExcluding": "2.5"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CBDEF1C-6D76-4F9D-8433-3AC16F3860F4",
"versionEndExcluding": "11.5"
}
],
"operator": "OR"
}
]
}
]