CVE-2025-24209

{"id": "CVE-2025-24209", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 2.2}]}, "published": "2025-03-31T23:15:18.870", "references": [{"url": "https://support.apple.com/en-us/122371", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/122372", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/122373", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/122377", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/122379", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/11", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/13", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/4", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/5", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/8", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de desbordamiento de b\u00fafer mejorando la gesti\u00f3n de memoria. Este problema se solucion\u00f3 en tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 y iPadOS 18.4, y macOS Sequoia 15.4. El procesamiento de contenido web malintencionado puede provocar un bloqueo inesperado del proceso."}], "lastModified": "2025-11-03T21:19:34.323", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D15738-9AE3-4CB5-8755-A67F6E09EAC5", "versionEndExcluding": "18.4"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "687E67E4-136D-4154-BA6F-5ACA16254023", "versionEndExcluding": "17.7.6"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAAF5169-C6A9-449A-B41F-2CB1801EBA4B", "versionEndExcluding": "18.4", "versionStartIncluding": "18.0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D9C73F9-FEF4-4FC1-B83D-56566AD35990", "versionEndExcluding": "18.4"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1320B815-0457-4276-83B9-AFAFDAF17EDA", "versionEndExcluding": "15.4", "versionStartIncluding": "15.0"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C61CCC2-87D3-4A3A-837B-63C48299A7AD", "versionEndExcluding": "18.4"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}