CVE-2025-43229

📊 6.1 MEDIUM⚡ 0.0%🎯 0 exploits

📅 Published Jul 30, 2025

📋 Status: Analyzed

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. Processing maliciously crafted web content may lead to universal cross site scripting.

CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0

🎯 Affected Products & Systems

2 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	apple	safari	< 18.6	Vulnerable	cpe:2.3:a:apple:safari::::::::
💻OS	apple	macos	< 15.6	Vulnerable	cpe:2.3:o:apple:macos::::::::

📱

apple / safari

Application

Vulnerable

Version: < 18.6

CPE:

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

💻

apple / macos

Operating System

Vulnerable

Version: < 15.6

CPE:

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Metrics

6.1 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

NONE

User Interaction:

REQUIRED

Confidentiality:

LOW

Integrity:

LOW

Availability:

NONE

Scope:

CHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

6.1 (MEDIUM)v3.1

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

EPSS Details

0.0% (Minimal)9.7th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Jul 30, 2025 (3 months ago)

Last Modified

Aug 1, 2025 (3 months ago)

Security Weaknesses1

CWE-79

References3

NVDgeneralgeneral