{"resultsPerPage":30,"startIndex":0,"totalResults":30,"format":"NVD_CVEHistory","version":"2.0","timestamp":"2026-07-07T15:58:40.200","cveChanges":[{"change":{"cveId":"CVE-2025-24201","eventName":"New CVE Received","cveChangeId":"C136ECED-A817-487A-AA18-28E404B5B298","sourceIdentifier":"product-security@apple.com","created":"2025-03-11T18:15:30.190","details":[{"action":"Added","type":"Description","newValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122281"},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122283"},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122284"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"C8B321E5-B5BF-4A4A-8AFB-9FA27E5435D9","sourceIdentifier":"product-security@apple.com","created":"2025-03-11T20:15:16.827","details":[{"action":"Changed","type":"Description","oldValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).","newValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122285"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"5560D3BE-9A54-47F2-98C1-1535A341AF69","sourceIdentifier":"134c704f-9b21-4f2e-91b3-4a467353bcc0","created":"2025-03-12T21:15:41.853","details":[{"action":"Added","type":"CVSS V3.1","newValue":"AV:N\/AC:H\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H"},{"action":"Added","type":"CWE","newValue":"CWE-787"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE CISA KEV Update","cveChangeId":"102EA8B9-4280-410D-8B30-4DD1EBD5D279","sourceIdentifier":"9119a7d8-5eab-497f-8521-727c672e3725","created":"2025-03-14T01:00:02.333","details":[{"action":"Added","type":"Date Added","newValue":"2025-03-13"},{"action":"Added","type":"Due Date","newValue":"2025-04-03"},{"action":"Added","type":"Vulnerability Name","newValue":"Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability"},{"action":"Added","type":"Required Action","newValue":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Initial Analysis","cveChangeId":"28BAE876-AF5A-426D-BCA7-93063D0F4E31","sourceIdentifier":"nvd@nist.gov","created":"2025-03-14T20:35:27.923","details":[{"action":"Added","type":"CVSS V3.1","newValue":"AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H"},{"action":"Added","type":"CWE","newValue":"CWE-787"},{"action":"Added","type":"CPE Configuration","newValue":"OR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions from (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions from (excluding) 18.3.1\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (excluding) 18.3.2\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (excluding) 18.3.2\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions from (excluding) 15.3.2"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122281 Types: Vendor Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122283 Types: Vendor Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122284 Types: Vendor Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122285 Types: Vendor Advisory"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"E0D99963-0D39-4E74-9A41-6B10EF17CC8C","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-03-20T14:15:23.733","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/2"},{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/3"},{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/4"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"1E18AD81-860C-4F1C-B7D6-0475C8BC01D1","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-03-20T15:15:45.627","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/5"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"1C626D36-5C1B-497C-8D57-F524F3DCD329","sourceIdentifier":"nvd@nist.gov","created":"2025-04-02T20:33:42.653","details":[{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/2 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/3 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/4 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Mar\/5 Types: Mailing List, Third Party Advisory"},{"action":"Changed","type":"Reference Type","oldValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122281 Types: Vendor Advisory","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122281 Types: Release Notes, Vendor Advisory"},{"action":"Changed","type":"Reference Type","oldValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122283 Types: Vendor Advisory","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122283 Types: Release Notes, Vendor Advisory"},{"action":"Changed","type":"Reference Type","oldValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122284 Types: Vendor Advisory","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122284 Types: Release Notes, Vendor Advisory"},{"action":"Changed","type":"Reference Type","oldValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122285 Types: Vendor Advisory","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122285 Types: Release Notes, Vendor Advisory"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"1698245A-A7C5-4305-849F-838CCF52725E","sourceIdentifier":"product-security@apple.com","created":"2025-04-11T14:15:24.497","details":[{"action":"Changed","type":"Description","oldValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).","newValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122345"},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122346"},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122372"},{"action":"Added","type":"Reference","newValue":"https:\/\/support.apple.com\/en-us\/122376"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"FFC39643-63D0-4B9B-9AC4-2AD58B64898D","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-04-13T20:15:15.190","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Apr\/16"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"6FBD5D5C-D00D-4350-A9D5-DA8A3D53FC31","sourceIdentifier":"nvd@nist.gov","created":"2025-04-17T18:58:55.450","details":[{"action":"Added","type":"CPE Configuration","newValue":"OR\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 15.8 up to (excluding) 15.8.4\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 16.7 up to (excluding) 16.7.11"},{"action":"Added","type":"CPE Configuration","newValue":"OR\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 15.8 up to (excluding) 15.8.4\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 16.7 up to (excluding) 16.7.11"},{"action":"Changed","type":"CPE Configuration","oldValue":"OR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.1\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions up to (excluding) 15.3.2","newValue":"OR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.1\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions up to (excluding) 15.3.2\n          *cpe:2.3:o:apple:watchos:11.4:*:*:*:*:*:*:*"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Apr\/16 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122345 Types: Release Notes, Vendor Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122346 Types: Release Notes, Vendor Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122372 Types: Release Notes, Vendor Advisory"},{"action":"Added","type":"Reference Type","newValue":"Apple Inc.: https:\/\/support.apple.com\/en-us\/122376 Types: Release Notes, Vendor Advisory"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"555F1FF2-954A-437A-B1DC-0C11C945CC9A","sourceIdentifier":"134c704f-9b21-4f2e-91b3-4a467353bcc0","created":"2025-10-21T19:21:10.220","details":[{"action":"Added","type":"Reference","newValue":"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24201"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"8B7CA803-9CCE-4505-9DC7-470DC014D149","sourceIdentifier":"134c704f-9b21-4f2e-91b3-4a467353bcc0","created":"2025-10-21T20:20:29.900","details":[{"action":"Removed","type":"Reference","oldValue":"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24201"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"30A52B2D-1ED7-4C0E-8DB4-127501568D6F","sourceIdentifier":"134c704f-9b21-4f2e-91b3-4a467353bcc0","created":"2025-10-21T23:16:51.780","details":[{"action":"Added","type":"Reference","newValue":"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24201"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"21C421C0-E912-496C-B687-50DE5058587E","sourceIdentifier":"nvd@nist.gov","created":"2025-10-23T18:50:47.517","details":[{"action":"Added","type":"Reference Type","newValue":"CISA-ADP: https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24201 Types: US Government Resource"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"8EB4906F-59A2-461E-B2DB-68919A93D7EA","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-11-03T18:15:51.540","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Oct\/31"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"966DC71F-4695-429E-80AE-214DC24A415E","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-11-03T19:15:49.000","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Oct\/1"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"09E75B48-A7F5-4642-B404-17D2A85DEB5E","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-11-03T20:17:50.677","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Jun\/19"},{"action":"Added","type":"Reference","newValue":"https:\/\/lists.debian.org\/debian-lts-announce\/2025\/06\/msg00016.html"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"87B05AB2-A5D3-4FDD-914D-047002753FF0","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-11-03T21:19:33.293","details":[{"action":"Added","type":"Reference","newValue":"http:\/\/seclists.org\/fulldisclosure\/2025\/Apr\/7"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"3220FF55-509B-4A50-B3EB-03B1B1D29D50","sourceIdentifier":"nvd@nist.gov","created":"2025-11-04T15:19:59.977","details":[{"action":"Added","type":"CVSS V3.1","newValue":"AV:N\/AC:H\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H"},{"action":"Removed","type":"CVSS V3.1","oldValue":"AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H"},{"action":"Added","type":"CPE Configuration","newValue":"\nOR\n          *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"},{"action":"Changed","type":"CPE Configuration","oldValue":"\nOR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.1\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions up to (excluding) 15.3.2\n          *cpe:2.3:o:apple:watchos:11.4:*:*:*:*:*:*:*","newValue":"\nOR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.1\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions up to (excluding) 15.3.2\n          *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (excluding) 11.4"},{"action":"Changed","type":"CPE Configuration","oldValue":"\nOR\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 15.8 up to (excluding) 15.8.4\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 16.7 up to (excluding) 16.7.11","newValue":"\nOR\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 15.8 up to (excluding) 15.8.4\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 16.7 up to (excluding) 16.7.11\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 18.0 up to (excluding) 18.3.2\n          *cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* versions from (including) 17.0 up to (excluding) 17.7.6"},{"action":"Changed","type":"CPE Configuration","oldValue":"\nOR\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 15.8 up to (excluding) 15.8.4\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 16.7 up to (excluding) 16.7.11","newValue":"\nOR\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 15.8 up to (excluding) 15.8.4\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 16.7 up to (excluding) 16.7.11\n          *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from (including) 17.0 up to (excluding) 18.3.2"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Apr\/7 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Jun\/19 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Oct\/1 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: http:\/\/seclists.org\/fulldisclosure\/2025\/Oct\/31 Types: Mailing List, Third Party Advisory"},{"action":"Added","type":"Reference Type","newValue":"CVE: https:\/\/lists.debian.org\/debian-lts-announce\/2025\/06\/msg00016.html Types: Mailing List"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"5FAD82C7-D033-4659-BB1F-69A55CF5D5A4","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-11-11T15:15:35.957","details":[{"action":"Added","type":"Reference","newValue":"https:\/\/github.com\/JGoyd\/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"43909F96-DFDC-48B5-82D4-BEC75E3E4216","sourceIdentifier":"nvd@nist.gov","created":"2025-11-12T14:32:56.177","details":[{"action":"Added","type":"Reference Type","newValue":"CVE: https:\/\/github.com\/JGoyd\/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 Types: Third Party Advisory"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"F73907EE-F3DF-41D5-AB06-69523B9C02B1","sourceIdentifier":"134c704f-9b21-4f2e-91b3-4a467353bcc0","created":"2025-11-12T15:15:36.910","details":[{"action":"Added","type":"CVSS V3.1","newValue":"AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H"},{"action":"Removed","type":"CVSS V3.1","oldValue":"AV:N\/AC:H\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"2E4B00DB-7523-437A-A3CD-92A1C18DBDAA","sourceIdentifier":"nvd@nist.gov","created":"2025-11-13T15:07:16.107","details":[]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"695984C0-032B-4439-B8E4-47BC918F0A7D","sourceIdentifier":"af854a3a-2127-422b-91ae-364da2661108","created":"2025-11-13T20:15:48.763","details":[{"action":"Added","type":"Reference","newValue":"https:\/\/github.com\/cisagov\/vulnrichment\/issues\/194"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"EB4FC0F5-1D79-466D-89B3-8E97DE2D49C9","sourceIdentifier":"nvd@nist.gov","created":"2025-11-14T13:52:54.993","details":[{"action":"Added","type":"CVSS V3.1","newValue":"AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H"},{"action":"Removed","type":"CVSS V3.1","oldValue":"AV:N\/AC:H\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H"},{"action":"Added","type":"Reference Type","newValue":"CVE: https:\/\/github.com\/cisagov\/vulnrichment\/issues\/194 Types: Issue Tracking"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"141D66A6-FFFB-46D1-B3B3-ECC774BA96DB","sourceIdentifier":"product-security@apple.com","created":"2026-04-02T19:19:17.787","details":[{"action":"Changed","type":"Description","oldValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).","newValue":"An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)."}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"Modified Analysis","cveChangeId":"956C5265-FB8D-466A-9B5A-9D7686DDBCA2","sourceIdentifier":"nvd@nist.gov","created":"2026-04-03T11:45:20.220","details":[{"action":"Removed","type":"CWE","oldValue":"CWE-787"},{"action":"Changed","type":"CPE Configuration","oldValue":"OR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.1\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions up to (excluding) 15.3.2\n          *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (excluding) 11.4","newValue":"OR\n          *cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2\n          *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 18.3.1\n          *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (excluding) 11.4\n          *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions from (including) 15.0 up to (excluding) 15.3.2"}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"CDCEF72F-D185-44B5-B4E1-D0935413BA99","sourceIdentifier":"product-security@apple.com","created":"2026-06-17T08:58:17.950","details":[{"action":"Added","type":"Affected","newValue":[{"vendor":"Apple","product":"Safari","versions":[{"version":"0","lessThan":"18.3.1","versionType":"custom","status":"affected"}]},{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","lessThan":"15.8.4","versionType":"custom","status":"affected"},{"version":"0","lessThan":"16.7.11","versionType":"custom","status":"affected"},{"version":"0","lessThan":"18.3.2","versionType":"custom","status":"affected"}]},{"vendor":"Apple","product":"iPadOS","versions":[{"version":"0","lessThan":"17.7.6","versionType":"custom","status":"affected"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","lessThan":"15.3.2","versionType":"custom","status":"affected"}]},{"vendor":"Apple","product":"visionOS","versions":[{"version":"0","lessThan":"2.3.2","versionType":"custom","status":"affected"}]},{"vendor":"Apple","product":"watchOS","versions":[{"version":"0","lessThan":"11.4","versionType":"custom","status":"affected"}]}]}]}},{"change":{"cveId":"CVE-2025-24201","eventName":"CVE Modified","cveChangeId":"A0D4D078-A4B3-4DDF-AAF0-9E64EF0E48A4","sourceIdentifier":"134c704f-9b21-4f2e-91b3-4a467353bcc0","created":"2026-06-17T08:58:17.950","details":[{"action":"Added","type":"SSVC","newValue":{"timestamp":"2025-11-12T14:31:38.579620Z","id":"CVE-2025-24201","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]}}]}