{"id":"CVE-2025-31205","details":"The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.","modified":"2026-03-13T07:59:32.297376Z","published":"2025-05-12T22:15:21.627Z","related":["ALSA-2025:7995","ALSA-2025:8046","MGASA-2025-0313","SUSE-SU-2025:01720-1","SUSE-SU-2025:01724-1","SUSE-SU-2025:01746-1","SUSE-SU-2025:02033-1"],"references":[{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/10"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/13"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/5"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/12"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/7"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/122404"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/122720"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/122721"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/122716"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/122719"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/122722"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"18.5"}]},{"events":[{"introduced":"0"},{"fixed":"18.5"}]},{"events":[{"introduced":"0"},{"fixed":"18.5"}]},{"events":[{"introduced":"0"},{"fixed":"15.5"}]},{"events":[{"introduced":"0"},{"fixed":"18.5"}]},{"events":[{"introduced":"0"},{"fixed":"2.5"}]},{"events":[{"introduced":"0"},{"fixed":"11.5"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-31205.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}