CVE-2025-24143

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

Description

The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

INFO

Published Date :

2025-01-27T21:46:05.639Z

Last Modified :

2026-04-02T18:17:16.826Z

Source :

apple

AFFECTED PRODUCTS

The following products are affected by CVE-2025-24143 vulnerability.

Vendors	Products
Apple	Ipados Macos Safari Visionos
Redhat	Enterprise Linux Rhel Els

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-24143.

URL	Resource
http://seclists.org/fulldisclosure/2025/Jan/13
http://seclists.org/fulldisclosure/2025/Jan/15
http://seclists.org/fulldisclosure/2025/Jan/20
https://lists.debian.org/debian-lts-announce/2025/02/msg00014.html
https://nvd.nist.gov/vuln/detail/CVE-2025-24143
https://support.apple.com/en-us/122066
https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122073
https://support.apple.com/en-us/122074
https://www.cve.org/CVERecord?id=CVE-2025-24143

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact