CVE-2025-24216

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122372
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122377
https://support.apple.com/en-us/122378
https://support.apple.com/en-us/122379

Configurations

No configuration.

History

03 Apr 2025, 21:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.3
Summary		(es) El problema se solucionó mejorando la gestión de la memoria. Este problema está corregido en visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 y iPadOS 18.4, macOS Sequoia 15.4 y Safari 18.4. El procesamiento de contenido web malintencionado puede provocar un bloqueo inesperado de Safari.
CWE		CWE-508 CWE-119

31 Mar 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-31 23:15

Updated : 2025-04-03 21:15

NVD link : CVE-2025-24216

Mitre link : CVE-2025-24216

CVE.ORG link : CVE-2025-24216

JSON object : View

Products Affected

No product.

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-508

Non-Replicating Malicious Code

4.3 /10