CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/120881	Vendor Advisory
https://support.apple.com/en-us/120882	Vendor Advisory
https://support.apple.com/en-us/120883	Vendor Advisory
https://support.apple.com/en-us/120893	Vendor Advisory
https://support.apple.com/en-us/120894	Vendor Advisory
https://support.apple.com/en-us/120895	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

No history.

Information

Published : 2025-02-10 19:15

Updated : 2025-03-19 18:15

NVD link : CVE-2024-54658

Mitre link : CVE-2024-54658

CVE.ORG link : CVE-2024-54658

JSON object : View

Products Affected

apple

watchos
visionos
ipados
iphone_os
safari
tvos
macos

CWE

NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2024-54658", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-02-10T19:15:39.320", "references": [{"url": "https://support.apple.com/en-us/120881", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/120882", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/120883", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/120893", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/120894", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/120895", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando la gesti\u00f3n de la memoria. Este problema se solucion\u00f3 en iOS 17.4 y iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1 y macOS Sonoma 14.4. El procesamiento de contenido web puede provocar una denegaci\u00f3n de servicio. "}], "lastModified": "2025-03-19T18:15:23.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC7753BA-5DF8-4F98-8DA8-69DA473F8307", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCCC6AF9-4EFA-4A45-888B-93C0C1327BC7", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB4911E-7824-4C34-916D-88110CB415EB", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58227FD1-0619-45F6-AD19-25831899376A", "versionEndExcluding": "14.4"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB6BA6CB-001B-4440-A9AE-473F5722F8E0", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB7F6CDA-FEC0-45D7-ACBE-8B5AD35F1AB5", "versionEndExcluding": "1.1"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5547F484-4E4B-4961-BAF8-F891D50BB4B6", "versionEndExcluding": "10.4"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}