CVE-2025-24201
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-24201
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-24201.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-24201
- Related
- Published
- 2025-03-11T18:15:30Z
- Modified
- 2025-04-17T20:52:23.512163Z
- Downstream
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
- References
-
- https://support.apple.com/en-us/122281
- https://support.apple.com/en-us/122283
- https://support.apple.com/en-us/122284
- https://support.apple.com/en-us/122285
- https://support.apple.com/en-us/122345
- https://support.apple.com/en-us/122346
- https://support.apple.com/en-us/122372
- https://support.apple.com/en-us/122376
- http://seclists.org/fulldisclosure/2025/Apr/16
- http://seclists.org/fulldisclosure/2025/Mar/2
- http://seclists.org/fulldisclosure/2025/Mar/3
- http://seclists.org/fulldisclosure/2025/Mar/4
- http://seclists.org/fulldisclosure/2025/Mar/5
- https://security-tracker.debian.org/tracker/CVE-2025-24201
Affected packages
Debian:12 / chromium
Package
- Name
- chromium
- Purl
- pkg:deb/debian/chromium?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed134.0.6998.88-1~deb12u1
Affected versions
113.*
113.0.5672.126-1
114.*
114.0.5735.90-1
114.0.5735.90-2~deb11u1
114.0.5735.90-2~deb12u1
114.0.5735.90-2
114.0.5735.106-1~deb11u1
114.0.5735.106-1~deb12u1
114.0.5735.106-1
114.0.5735.133-1~deb11u1
114.0.5735.133-1~deb12u1
114.0.5735.133-1
114.0.5735.198-1~deb11u1
114.0.5735.198-1~deb12u1
114.0.5735.198-1
115.*
115.0.5790.98-1~deb11u1
115.0.5790.98-1~deb12u1
115.0.5790.98-1
115.0.5790.98-2
115.0.5790.102-1
115.0.5790.102-2
115.0.5790.170-1~deb11u1
115.0.5790.170-1~deb12u1
115.0.5790.170-1
116.*
116.0.5845.96-1~deb11u1
116.0.5845.96-1~deb12u1
116.0.5845.96-1
116.0.5845.96-2
116.0.5845.110-1~deb11u1
116.0.5845.110-1~deb12u1
116.0.5845.110-1
116.0.5845.110-2
116.0.5845.140-1~deb11u1
116.0.5845.140-1~deb12u1
116.0.5845.140-1
116.0.5845.180-1~deb11u1
116.0.5845.180-1~deb12u1
116.0.5845.180-1
117.*
117.0.5938.62-1~deb11u1
117.0.5938.62-1~deb12u1
117.0.5938.62-1
117.0.5938.92-1
117.0.5938.132-1~deb11u1
117.0.5938.132-1~deb12u1
117.0.5938.132-1
117.0.5938.132-2
117.0.5938.149-1~deb11u1
117.0.5938.149-1~deb12u1
117.0.5938.149-1
118.*
118.0.5993.70-1~deb11u1
118.0.5993.70-1~deb12u1
118.0.5993.70-1
118.0.5993.117-1~deb11u1
118.0.5993.117-1~deb12u1
118.0.5993.117-1
119.*
119.0.6045.105-1~deb11u1
119.0.6045.105-1~deb12u1
119.0.6045.105-1
119.0.6045.123-1~deb11u1
119.0.6045.123-1~deb12u1
119.0.6045.123-1
119.0.6045.159-1~deb11u1
119.0.6045.159-1~deb12u1
119.0.6045.159-1
119.0.6045.199-1~deb11u1
119.0.6045.199-1~deb12u1
119.0.6045.199-1
120.*
120.0.6099.71-1~deb11u1
120.0.6099.71-1~deb12u1
120.0.6099.71-1
120.0.6099.109-1~deb11u1
120.0.6099.109-1~deb12u1
120.0.6099.109-1
120.0.6099.129-1~deb11u1
120.0.6099.129-1~deb12u1
120.0.6099.129-1
120.0.6099.199-1~deb11u1
120.0.6099.199-1~deb12u1
120.0.6099.199-1
120.0.6099.216-1~deb11u1
120.0.6099.216-1~deb12u1
120.0.6099.216-1
120.0.6099.224-1~deb11u1
120.0.6099.224-1~deb12u1
120.0.6099.224-1
120.0.6099.224-2
121.*
121.0.6167.85-1~deb12u1
121.0.6167.85-1
121.0.6167.139-1~deb12u1
121.0.6167.139-1
121.0.6167.160-1~deb12u1
121.0.6167.160-1
122.*
122.0.6261.57-1~deb12u1
122.0.6261.57-1
122.0.6261.94-1~deb12u1
122.0.6261.94-1
122.0.6261.111-1~deb12u1
122.0.6261.111-1
122.0.6261.128-1~deb12u1
122.0.6261.128-1
123.*
123.0.6312.58-1
123.0.6312.86-1~deb12u1
123.0.6312.86-1
123.0.6312.105-1~deb12u1
123.0.6312.105-1~deb13u1
123.0.6312.105-1
123.0.6312.105-2
123.0.6312.122-1~deb12u1
123.0.6312.122-1
124.*
124.0.6367.60-1~deb12u1
124.0.6367.60-1
124.0.6367.60-2
124.0.6367.78-1~deb12u1
124.0.6367.78-1
124.0.6367.118-1~deb12u1
124.0.6367.118-1
124.0.6367.155-1~deb12u1
124.0.6367.155-1
124.0.6367.201-1~deb12u1
124.0.6367.201-1
124.0.6367.207-1~deb12u1
124.0.6367.207-1
125.*
125.0.6422.60-1~deb12u1
125.0.6422.60-1
125.0.6422.76-1~deb12u1
125.0.6422.76-1
125.0.6422.112-1~deb12u1
125.0.6422.112-1
125.0.6422.141-1~deb12u1
125.0.6422.141-1
126.*
126.0.6478.56-1~deb12u1
126.0.6478.56-1
126.0.6478.114-1~deb12u1
126.0.6478.114-1
126.0.6478.126-1~deb12u1
126.0.6478.126-1~deb13u1
126.0.6478.126-1
126.0.6478.182-1~deb12u1
126.0.6478.182-1
127.*
127.0.6533.88-1~deb12u1
127.0.6533.88-1
127.0.6533.99-1~deb12u1
127.0.6533.99-1
127.0.6533.119-1~deb13u1
127.0.6533.119-1
128.*
128.0.6613.84-1~deb12u1
128.0.6613.84-1
128.0.6613.113-1~deb12u1
128.0.6613.113-1~deb13u1
128.0.6613.113-1
128.0.6613.119-1~deb12u1
128.0.6613.119-1
128.0.6613.137-1~deb12u1
128.0.6613.137-1
129.*
129.0.6668.58-1~deb12u1
129.0.6668.58-1
129.0.6668.70-1~deb12u1
129.0.6668.70-1
129.0.6668.89-1~deb12u1
129.0.6668.89-1
129.0.6668.100-1~deb12u1
129.0.6668.100-1
129.0.6668.100-2
130.*
130.0.6723.58-1~deb12u1
130.0.6723.58-1
130.0.6723.69-1~deb12u1
130.0.6723.69-1
130.0.6723.91-1~deb12u1
130.0.6723.91-1
130.0.6723.91-2
130.0.6723.116-1~deb12u1
130.0.6723.116-1
131.*
131.0.6778.85-1~deb12u1
131.0.6778.85-1
131.0.6778.108-1~deb12u1
131.0.6778.108-1
131.0.6778.139-1~deb12u1
131.0.6778.139-1
131.0.6778.204-1~deb12u1
131.0.6778.204-1
131.0.6778.264-1~deb12u1
131.0.6778.264-1
132.*
132.0.6834.83-1~deb12u1
132.0.6834.83-1
132.0.6834.110-1~deb12u1
132.0.6834.110-1
132.0.6834.159-1~deb12u1
132.0.6834.159-1
133.*
133.0.6943.53-1~deb12u1
133.0.6943.53-1
133.0.6943.98-1~deb12u1
133.0.6943.98-1
133.0.6943.126-1~deb12u1
133.0.6943.126-1
133.0.6943.141-2
134.*
134.0.6998.35-1~deb12u1
134.0.6998.35-1
134.0.6998.35-2
134.0.6998.35-3
Debian:11 / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/debian/webkit2gtk?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.32.3-1
2.32.4-1~deb10u1
2.32.4-1~deb11u1
2.32.4-1
2.33.1-1
2.33.2-1
2.33.3-1
2.33.90-1
2.33.91-1
2.34.0-1~bpo11+1
2.34.0-1
2.34.1-1~deb10u1
2.34.1-1~deb11u1
2.34.1-1
2.34.2-1~bpo11+1
2.34.2-1
2.34.3-1~deb10u1
2.34.3-1~deb11u1
2.34.3-1
2.34.4-1~deb10u1
2.34.4-1~deb11u1
2.34.4-1
2.34.5-1
2.34.6-1~deb10u1
2.34.6-1~deb11u1
2.34.6-1
2.35.1-1
2.35.2-1
2.35.3-1
2.35.90-1
2.36.0-1
2.36.0-2
2.36.0-3~deb10u1
2.36.0-3~deb11u1
2.36.0-3
2.36.1-1
2.36.2-1
2.36.3-1~deb10u1
2.36.3-1~deb11u1
2.36.3-1
2.36.4-1~deb10u1
2.36.4-1~deb11u1
2.36.4-1
2.36.6-1~deb10u1
2.36.6-1~deb11u1
2.36.6-1
2.36.7-1~deb10u1
2.36.7-1~deb11u1
2.36.7-1
2.37.1-1
2.37.1-2
2.37.90-1
2.37.91-1
2.38.0-1~deb10u1
2.38.0-1~deb11u1
2.38.0-1
2.38.0-2
2.38.0-3
2.38.1-1
2.38.2-1~deb10u1
2.38.2-1~deb11u1
2.38.2-1
2.38.3-1~deb10u1
2.38.3-1~deb11u1
2.38.3-1
2.38.4-1
2.38.4-2~deb10u1
2.38.4-2~deb11u1
2.38.4-2
2.38.5-1~deb10u1
2.38.5-1~deb11u1
2.38.5-1
2.38.5-1+m68k
2.39.1-1
2.39.2-1
2.39.3-1
2.39.4-1
2.39.5-1
2.39.7-1
2.39.90-1
2.39.91-1
2.40.0-1
2.40.0-2
2.40.0-3
2.40.1-1~deb11u1
2.40.1-1
2.40.2-1~deb11u1
2.40.2-1~deb12u1
2.40.2-1
2.40.3-1
2.40.3-2~deb11u1
2.40.3-2~deb11u2
2.40.3-2~deb12u1
2.40.3-2~deb12u2
2.40.3-2
2.40.4-1
2.40.5-1~deb11u1
2.40.5-1~deb12u1
2.40.5-1
2.41.4-1
2.41.5-1
2.41.6-1
2.41.90-1
2.41.91-1
2.41.91-2
2.41.92-1
2.42.0-1~bpo12+1
2.42.0-1
2.42.1-1~bpo12+1
2.42.1-1~deb11u1
2.42.1-1~deb11u2
2.42.1-1~deb12u1
2.42.1-1
2.42.1-2
2.42.2-1~deb11u1
2.42.2-1~deb12u1
2.42.2-1
2.42.3-1~deb11u1
2.42.3-1~deb12u1
2.42.3-1
2.42.4-1~deb11u1
2.42.4-1~deb12u1
2.42.4-1
2.42.5-1~deb11u1
2.42.5-1~deb12u1
2.42.5-1
2.42.5-2
2.43.1-1
2.43.2-1
2.43.3-1
2.43.4-1
2.43.4-2
2.44.0-1
2.44.0-2
2.44.1-1~deb11u1
2.44.1-1~deb12u1
2.44.1-1
2.44.2-1~deb11u1
2.44.2-1~deb12u1
2.44.2-1
2.44.3-1~deb11u1
2.44.3-1~deb12u1
2.44.3-1
2.44.4-1
2.45.1-1
2.45.1-2
2.45.2-1
2.45.3-1
2.45.4-1
2.45.5-1
2.45.6-1
2.45.91-1
2.45.92-1
2.46.0-1
2.46.0-2~deb12u1
2.46.0-2
2.46.1-1
2.46.1-2~bpo12+1
2.46.1-2
2.46.2-1
2.46.3-1~deb11u1
2.46.3-1~deb11u2
2.46.3-1~deb12u1
2.46.3-1
2.46.4-1~deb11u1
2.46.4-1~deb12u1
2.46.4-1
2.46.5-1~deb11u1
2.46.5-1~deb12u1
2.46.5-1
2.46.5-1+hurd.1
2.46.5-1+hurd.2
2.46.6-1~deb11u1
2.46.6-1~deb12u1
2.46.6-1
2.47.1-1
2.47.2-1
2.47.3-1
2.47.4-1
2.47.90-1
2.48.0-1~deb12u1
2.48.0-1
2.48.0-1+alpha
2.48.0-1+hurd.1
2.48.0-1+hurd.2
2.48.1-1
2.48.1-2~deb12u1
2.48.1-2
Debian:12 / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/debian/webkit2gtk?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.48.0-1~deb12u1
Affected versions
2.*
2.40.1-1
2.40.2-1~deb11u1
2.40.2-1~deb12u1
2.40.2-1
2.40.3-1
2.40.3-2~deb11u1
2.40.3-2~deb11u2
2.40.3-2~deb12u1
2.40.3-2~deb12u2
2.40.3-2
2.40.4-1
2.40.5-1~deb11u1
2.40.5-1~deb12u1
2.40.5-1
2.41.4-1
2.41.5-1
2.41.6-1
2.41.90-1
2.41.91-1
2.41.91-2
2.41.92-1
2.42.0-1~bpo12+1
2.42.0-1
2.42.1-1~bpo12+1
2.42.1-1~deb11u1
2.42.1-1~deb11u2
2.42.1-1~deb12u1
2.42.1-1
2.42.1-2
2.42.2-1~deb11u1
2.42.2-1~deb12u1
2.42.2-1
2.42.3-1~deb11u1
2.42.3-1~deb12u1
2.42.3-1
2.42.4-1~deb11u1
2.42.4-1~deb12u1
2.42.4-1
2.42.5-1~deb11u1
2.42.5-1~deb12u1
2.42.5-1
2.42.5-2
2.43.1-1
2.43.2-1
2.43.3-1
2.43.4-1
2.43.4-2
2.44.0-1
2.44.0-2
2.44.1-1~deb11u1
2.44.1-1~deb12u1
2.44.1-1
2.44.2-1~deb11u1
2.44.2-1~deb12u1
2.44.2-1
2.44.3-1~deb11u1
2.44.3-1~deb12u1
2.44.3-1
2.44.4-1
2.45.1-1
2.45.1-2
2.45.2-1
2.45.3-1
2.45.4-1
2.45.5-1
2.45.6-1
2.45.91-1
2.45.92-1
2.46.0-1
2.46.0-2~deb12u1
2.46.0-2
2.46.1-1
2.46.1-2~bpo12+1
2.46.1-2
2.46.2-1
2.46.3-1~deb11u1
2.46.3-1~deb11u2
2.46.3-1~deb12u1
2.46.3-1
2.46.4-1~deb11u1
2.46.4-1~deb12u1
2.46.4-1
2.46.5-1~deb11u1
2.46.5-1~deb12u1
2.46.5-1
2.46.5-1+hurd.1
2.46.5-1+hurd.2
2.46.6-1~deb11u1
2.46.6-1~deb12u1
2.46.6-1
2.47.1-1
2.47.2-1
2.47.3-1
2.47.4-1
2.47.90-1
Debian:13 / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/debian/webkit2gtk?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.48.0-1
Affected versions
2.*
2.40.1-1
2.40.2-1~deb11u1
2.40.2-1~deb12u1
2.40.2-1
2.40.3-1
2.40.3-2~deb11u1
2.40.3-2~deb11u2
2.40.3-2~deb12u1
2.40.3-2~deb12u2
2.40.3-2
2.40.4-1
2.40.5-1~deb11u1
2.40.5-1~deb12u1
2.40.5-1
2.41.4-1
2.41.5-1
2.41.6-1
2.41.90-1
2.41.91-1
2.41.91-2
2.41.92-1
2.42.0-1~bpo12+1
2.42.0-1
2.42.1-1~bpo12+1
2.42.1-1~deb11u1
2.42.1-1~deb11u2
2.42.1-1~deb12u1
2.42.1-1
2.42.1-2
2.42.2-1~deb11u1
2.42.2-1~deb12u1
2.42.2-1
2.42.3-1~deb11u1
2.42.3-1~deb12u1
2.42.3-1
2.42.4-1~deb11u1
2.42.4-1~deb12u1
2.42.4-1
2.42.5-1~deb11u1
2.42.5-1~deb12u1
2.42.5-1
2.42.5-2
2.43.1-1
2.43.2-1
2.43.3-1
2.43.4-1
2.43.4-2
2.44.0-1
2.44.0-2
2.44.1-1~deb11u1
2.44.1-1~deb12u1
2.44.1-1
2.44.2-1~deb11u1
2.44.2-1~deb12u1
2.44.2-1
2.44.3-1~deb11u1
2.44.3-1~deb12u1
2.44.3-1
2.44.4-1
2.45.1-1
2.45.1-2
2.45.2-1
2.45.3-1
2.45.4-1
2.45.5-1
2.45.6-1
2.45.91-1
2.45.92-1
2.46.0-1
2.46.0-2~deb12u1
2.46.0-2
2.46.1-1
2.46.1-2~bpo12+1
2.46.1-2
2.46.2-1
2.46.3-1~deb11u1
2.46.3-1~deb11u2
2.46.3-1~deb12u1
2.46.3-1
2.46.4-1~deb11u1
2.46.4-1~deb12u1
2.46.4-1
2.46.5-1~deb11u1
2.46.5-1~deb12u1
2.46.5-1
2.46.5-1+hurd.1
2.46.5-1+hurd.2
2.46.6-1~deb11u1
2.46.6-1~deb12u1
2.46.6-1
2.47.1-1
2.47.2-1
2.47.3-1
2.47.4-1
2.47.90-1
2.48.0-1~deb12u1
Debian:11 / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/debian/wpewebkit?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.32.3-2
2.32.4-1~deb11u1
2.32.4-1
2.34.1-1~deb11u1
2.34.1-1
2.34.2-1
2.34.3-1~deb11u1
2.34.3-1
2.34.4-1~deb11u1
2.34.4-1
2.34.5-1
2.34.6-1~deb11u1
2.34.6-1
2.36.0-1
2.36.0-2~deb11u1
2.36.0-2
2.36.1-1
2.36.3-1~deb11u1
2.36.3-1
2.36.4-1~deb11u1
2.36.4-1
2.36.6-1~deb11u1
2.36.6-1
2.36.7-1~deb11u1
2.36.7-1
2.38.0-1~deb11u1
2.38.0-1
2.38.1-1
2.38.2-1~deb11u1
2.38.2-1
2.38.3-1~deb11u1
2.38.3-1
2.38.4-1~deb11u1
2.38.4-1
2.38.5-1~deb11u1
2.38.5-1
2.38.6-1~deb11u1
2.38.6-1
2.39.91-1
2.40.0-1
2.40.1-1
2.40.2-1
2.40.2-2
2.40.3-1
2.40.4-1
2.40.5-1
2.42.0-1
2.42.1-1
2.42.2-1
2.42.3-1
2.42.4-1
2.42.5-1
2.42.5-1.1~exp1
2.42.5-1.1
2.42.5-1.2
2.42.5-2~exp
2.44.1-1
2.44.2-1
2.44.2-2
2.44.3-1
2.44.4-1
2.46.1-1
2.46.2-1
2.46.3-1
2.46.4-1
2.46.5-1
2.46.6-1
2.48.0-1
2.48.1-1
Debian:12 / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/debian/wpewebkit?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.38.6-1
2.39.91-1
2.40.0-1
2.40.1-1
2.40.2-1
2.40.2-2
2.40.3-1
2.40.4-1
2.40.5-1
2.42.0-1
2.42.1-1
2.42.2-1
2.42.3-1
2.42.4-1
2.42.5-1
2.42.5-1.1~exp1
2.42.5-1.1
2.42.5-1.2
2.42.5-2~exp
2.44.1-1
2.44.2-1
2.44.2-2
2.44.3-1
2.44.4-1
2.46.1-1
2.46.2-1
2.46.3-1
2.46.4-1
2.46.5-1
2.46.6-1
2.48.0-1
2.48.1-1
Debian:13 / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/debian/wpewebkit?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.48.0-1
Affected versions
2.*
2.38.6-1
2.39.91-1
2.40.0-1
2.40.1-1
2.40.2-1
2.40.2-2
2.40.3-1
2.40.4-1
2.40.5-1
2.42.0-1
2.42.1-1
2.42.2-1
2.42.3-1
2.42.4-1
2.42.5-1
2.42.5-1.1~exp1
2.42.5-1.1
2.42.5-1.2
2.42.5-2~exp
2.44.1-1
2.44.2-1
2.44.2-2
2.44.3-1
2.44.4-1
2.46.1-1
2.46.2-1
2.46.3-1
2.46.4-1
2.46.5-1
2.46.6-1