CVE-2024-54478

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process crash.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121840
https://support.apple.com/en-us/121843
https://support.apple.com/en-us/121844
https://support.apple.com/en-us/121845
https://support.apple.com/en-us/122067

Configurations

No configuration.

History

28 Jan 2025, 15:15

Type	Values Removed	Values Added
Summary		(es) Se solucionó un problema de acceso a fuera de los límites mejorando la verificación de límites. Este problema se solucionó en iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 y iPadOS 18.2, macOS Sonoma 14.7.2 y macOS Sequoia 15.2. El procesamiento malintencionado de contenido web manipulado puede provocar un bloqueo inesperado del proceso.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CWE		CWE-125

27 Jan 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-27 22:15

Updated : 2025-01-28 15:15

NVD link : CVE-2024-54478

Mitre link : CVE-2024-54478

CVE.ORG link : CVE-2024-54478

JSON object : View

Products Affected

No product.

CWE

CWE-125

Out-of-bounds Read

6.5 /10