Apple Safari up to 18.4 Web redirect

Summaryinfo

A vulnerability has been found in Apple Safari and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Handler. Performing a manipulation results in redirect. This vulnerability is cataloged as CVE-2025-31254. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Apple Safari. It has been classified as problematic. This affects an unknown part of the component Web Handler. The manipulation with an unknown input leads to a redirect vulnerability. CWE is classifying the issue as CWE-601. A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks. This is going to have an impact on integrity. The summary by CVE is:

This issue was addressed with improved URL validation. This issue is fixed in Safari 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to unexpected URL redirection.

It is possible to read the advisory at support.apple.com. This vulnerability is uniquely identified as CVE-2025-31254 since 03/27/2025. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. It demands that the victim is doing some kind of user interaction. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $0-$5k at the moment (estimation calculated on 09/16/2025). The attack technique deployed by this issue is T1204.001 according to MITRE ATT&CK.

Upgrading to version 26.0 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at CERT Bund (WID-SEC-2025-2058). Be aware that VulDB is the high quality source for vulnerability data.

Affected

• Apple Safari

Productinfo

Type

• Web Browser

Vendor

• Apple

Name

• Safari

Version

• 0.8
• 0.9
• 1.0
• 1.0.0
• 1.0.0b1
• 1.0.0b2
• 1.0.1
• 1.0.2
• 1.0.3
• 1.0b1
• 1.1
• 1.1.0
• 1.1.1
• 1.2
• 1.2.0
• 1.2.1
• 1.2.2
• 1.2.3
• 1.2.4
• 1.2.5
• 1.3
• 1.3.0
• 1.3.1
• 1.3.2
• 2
• 2.0
• 2.0 Pre
• 2.0.0
• 2.0.1
• 2.0.2
• 2.0.3
• 2.0.3 417.9.3
• 2.0.4
• 2.0.4 419.3
• 3
• 3.0
• 3.0.0
• 3.0.0b
• 3.0.1
• 3.0.1b
• 3.0.2
• 3.0.2b
• 3.0.3
• 3.0.3b
• 3.0.4
• 3.0.4 Beta
• 3.0.4b
• 3.1
• 3.1.0
• 3.1.0b
• 3.1.1
• 3.1.2
• 3.2
• 3.2.0
• 3.2.1
• 3.2.2
• 3.2.3
• 4
• 4.0
• 4.0 Beta
• 4.0.0b
• 4.0.1
• 4.0.2
• 4.0.3
• 4.0.4
• 4.0.5
• 4.1
• 4.1.1
• 4.1.2
• 4.1.3
• 5
• 5.0
• 5.0.1
• 5.0.5
• 5.0.6
• 5.1
• 5.1.2
• 5.1.2 (7534.52.7)
• 5.1.4
• 5.1.7
• 6
• 6.0
• 6.0.1
• 6.0.2
• 6.0.3
• 6.0.4
• 6.0.5
• 6.1
• 6.1.1
• 6.1.2
• 6.1.3
• 6.1.4
• 6.1.5
• 6.1.6
• 6.2.0
• 6.2.1
• 6.2.2
• 6.2.3
• 6.2.4
• 6.2.6
• 6.2.7
• 6.2.8
• 7.0
• 7.0.1
• 7.0.2
• 7.0.3
• 7.0.4
• 7.0.5
• 7.0.6
• 7.1.0
• 7.1.1
• 7.1.2
• 7.1.3
• 7.1.4
• 7.1.5
• 7.1.6
• 7.1.7
• 7.1.8
• 8
• 8.0
• 8.0.0
• 8.0.1
• 8.0.2
• 8.0.3
• 8.0.4
• 8.0.5
• 8.0.6
• 8.0.7
• 8.0.8
• 9.0
• 9.0.1
• 9.0.2
• 9.0.3
• 9.1
• 9.1.1
• 9.1.2
• 10
• 10.0
• 10.0.1
• 10.0.2
• 10.0.3
• 10.1
• 10.1.1
• 10.1.2
• 10.5
• 10.5.3
• 10.5.6
• 10.5.8
• 11
• 11.0
• 11.0.1
• 11.0.2
• 11.0.3
• 11.1
• 11.1.1
• 11.1.2
• 12.0
• 12.0.1
• 12.0.2
• 12.0.3
• 12.1
• 12.1.1
• 12.1.2
• 13.0
• 13.0.1
• 13.0.2
• 13.0.3
• 13.0.5
• 13.1
• 13.1.1
• 13.1.2
• 14.0
• 14.0.1
• 14.0.2
• 14.0.3
• 14.1
• 14.1.1
• 14.1.2
• 15
• 15.0
• 15.1
• 15.2
• 15.3
• 15.4
• 15.5
• 15.6
• 15.6.1
• 16
• 16.0
• 16.1
• 16.2
• 16.3
• 16.3.1
• 16.4
• 16.4.1
• 16.5
• 16.5.1
• 16.6
• 17
• 18.1
• 18.4

License

• commercial

Website

• Vendor: https://www.apple.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion