CVE-2024-54534

EUVD-2024-52628
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
applesafari
𝑥
< 18.2
appleipados
𝑥
< 18.2
appleiphone_os
𝑥
< 18.2
applemacos
𝑥
< 15.2
appletvos
𝑥
< 18.2
applevisionos
𝑥
< 2.2
applewatchos
𝑥
< 11.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121843
https://support.apple.com/en-us/121844
https://support.apple.com/en-us/121845
https://support.apple.com/en-us/121846
https://support.apple.com/en-us/122372
http://seclists.org/fulldisclosure/2024/Dec/11
http://seclists.org/fulldisclosure/2024/Dec/13
http://seclists.org/fulldisclosure/2024/Dec/5
http://seclists.org/fulldisclosure/2024/Dec/7
http://seclists.org/fulldisclosure/2025/Apr/5
https://security.netapp.com/advisory/ntap-20250418-0002/