← Volver a CVEs
CVE-2025-31254
MEDIUM5.4
Descripcion
This issue was addressed with improved URL validation. This issue is fixed in Safari 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to unexpected URL redirection.
Detalles CVE
Puntuacion CVSS v3.15.4
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado9/15/2025
Ultima modificacion11/3/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
apple:ipadosapple:iphone_osapple:safari
Debilidades (CWE)
CWE-863
Referencias
https://support.apple.com/en-us/125108(product-security@apple.com)
https://support.apple.com/en-us/125113(product-security@apple.com)
http://seclists.org/fulldisclosure/2025/Sep/59(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.