-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-03-31-2025-1 Safari 18.4

Safari 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122379.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Authentication Services
Available for: macOS Ventura and macOS Sonoma
Impact: A malicious website may be able to claim WebAuthn credentials
from another website that shares a registrable suffix
Description: The issue was addressed with improved input validation.
CVE-2025-24180: Martin Kreichgauer of Google Chrome

Safari
Available for: macOS Ventura and macOS Sonoma
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: The issue was addressed with improved UI.
CVE-2025-24113: @RenwaX23

Safari
Available for: macOS Ventura and macOS Sonoma
Impact: Visiting a malicious website may lead to address bar spoofing
Description: The issue was addressed with improved checks.
CVE-2025-30467: @RenwaX23

Safari
Available for: macOS Ventura and macOS Sonoma
Impact: A website may be able to access sensor information without
user consent
Description: The issue was addressed with improved checks.
CVE-2025-31192: Jaydev Ahire

Safari
Available for: macOS Ventura and macOS Sonoma
Impact: A download's origin may be incorrectly associated
Description: This issue was addressed through improved state
management.
CVE-2025-24167: Syarif Muhammad Sajjad

Web Extensions
Available for: macOS Ventura and macOS Sonoma
Impact: An app may gain unauthorized access to Local Network
Description: This issue was addressed with improved permissions
checking.
CVE-2025-31184: Alexander Heinrich (@Sn0wfreeze), SEEMOO, TU Darmstadt
& Mathy Vanhoef (@vanhoefm) and Jeroen Robben (@RobbenJeroen),
DistriNet, KU Leuven

Web Extensions
Available for: macOS Ventura and macOS Sonoma
Impact: Visiting a website may leak sensitive data
Description: A script imports issue was addressed with improved
isolation.
CVE-2025-24192: Vsevolod Kokorin (Slonser) of Solidlab

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 285892
CVE-2025-24264: Gary Kwong, and an anonymous researcher
WebKit Bugzilla: 284055
CVE-2025-24216: Paul Bakker of ParagonERP

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: A type confusion issue could lead to memory corruption
Description: This issue was addressed with improved handling of
floats.
WebKit Bugzilla: 286694
CVE-2025-24213: Google V8 Security Team

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A buffer overflow issue was addressed with improved
memory handling.
WebKit Bugzilla: 286462
CVE-2025-24209: Francisco Alonso (@revskills), and an anonymous
researcher

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: Loading a malicious iframe may lead to a cross-site scripting
attack
Description: A permissions issue was addressed with additional
restrictions.
WebKit Bugzilla: 286381
CVE-2025-24208: Muhammad Zaid Ghifari (Mr.ZheeV) and Kalimantan Utara

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved
memory management.
WebKit Bugzilla: 285643
CVE-2025-30427: rheza (@ginggilBesel)

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: A malicious website may be able to track users in Safari
private browsing mode
Description: This issue was addressed through improved state
management.
WebKit Bugzilla: 286580
CVE-2025-30425: an anonymous researcher

Additional recognition

Safari
We would like to acknowledge George Bafaloukas
(george.bafalou...@pingidentity.com) and Shri Hunashikatti
(sshp...@gmail.com) for their assistance.

Safari Downloads
We would like to acknowledge Koh M. Nakagawa (@tsunek0h) of FFRI
Security, Inc. for their assistance.

Safari Extensions
We would like to acknowledge Alisha Ukani, Pete Snyder, Alex C.
Snoeren for their assistance.

Safari Private Browsing
We would like to acknowledge Charlie Robinson for their assistance.

WebKit
We would like to acknowledge Gary Kwong, Jesse Stolwijk, Junsung Lee,
P1umer (@p1umer) and Q1IQ (@q1iqF), Wai Kin Wong, Dongwei Xiao, Shuai
Wang and Daoyuan Wu of HKUST Cybersecurity Lab, Anthony Lai
(@darkfloyd1014) of VXRL, Wong Wai Kin, Dongwei Xiao and Shuai Wang
of HKUST Cybersecurity Lab, Anthony Lai (@darkfloyd1014) of VXRL.,
Xiangwei Zhang of Tencent Security YUNDING LAB, 냥냥, and an anonymous
researcher for their assistance.

Safari 18.4 may be obtained from the Mac App Store.

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmfrHFcACgkQX+5d1TXa
Ivqf3A/+KhIzKq5pYkjduSTnjser2nRGw2iebtLaTPzEFzThWdfKjRSPIUgFXKZB
QoVVAdmHH9LSu1z0HIv0qzEKSYSmqSzXg8lJBHHk/KMvF3/HwzSnav+FGEkwht+Q
GQHfhQIp6det8O7txik5rGjG70ulKubLwzkj4LQxPdz2SvxAPBkREV3xNx3wl6BW
+HRHekb6EM7AfDGCOOe6Zgs9oSHue0J50nW4zhRlvA2Ej1BXhqjr/CEmPPY0oxid
uMiQMRKrnseSoBSz6PNZ+XJcySOngs5EiKgjov/U5dmsb7HFnStBuJh4Um4LOv0c
eqE8AGtEjhKXcTTTHwNzKSnwFm8RD5SwdZvB/vd5iNgQC0Eqnm6KAGcHEfTWJsjk
oYJD/PS49LskCv0xnRYBTZnCeekBXnntIOo902FKjOpuK7yKkLUdVFk46/jTLemQ
o0IN77BCaihBttJtvwcs6G2MA8E1cABswFBMTuklWZSG4mMIzulsgP1QRaHcc2sW
lel4AWLNUVBlbOOsJhfbcb7VUaeoQGbXyFkuNxdfdm6ZF02e8PtDWhW/CfctPqjZ
l3mjhrOpyyZVVasvfat53sM0QqMd6LnHfIHrvCt4FHp5nctQcB15g8KUoo9iTSbr
xjNxZstub6D1ExhAbnKrlvx1+ne4ELhHJLNMvc+Hi1lOCIejJzo=
=8nYS
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/