ByteOS Network

NVD Vulnerability Details :

CVE-2024-54508

Modified

Source-product-security@apple.com

Published At-12 Dec, 2024 | 02:15

Updated At-28 May, 2026 | 16:16

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Type: Primary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CPE Matches

Apple Inc.

>>safari>>Versions before 18.2(exclusive)

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Apple Inc.

>>ipados>>Versions before 18.2(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>Versions before 18.2(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>Versions before 15.2(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Apple Inc.

>>tvos>>Versions before 18.2(exclusive)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Apple Inc.

>>visionos>>Versions before 2.2(exclusive)

cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

Apple Inc.

>>watchos>>Versions before 11.2(exclusive)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov
CWE-125	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-787	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-125

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-787

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://support.apple.com/en-us/121837	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/121839	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/121843	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/121844	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/121845	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/121846	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/122372	product-security@apple.com	N/A
http://seclists.org/fulldisclosure/2024/Dec/11	af854a3a-2127-422b-91ae-364da2661108	N/A
http://seclists.org/fulldisclosure/2024/Dec/13	af854a3a-2127-422b-91ae-364da2661108	N/A
http://seclists.org/fulldisclosure/2024/Dec/5	af854a3a-2127-422b-91ae-364da2661108	N/A
http://seclists.org/fulldisclosure/2024/Dec/7	af854a3a-2127-422b-91ae-364da2661108	N/A
http://seclists.org/fulldisclosure/2025/Apr/5	af854a3a-2127-422b-91ae-364da2661108	N/A
https://lists.debian.org/debian-lts-announce/2025/01/msg00002.html	af854a3a-2127-422b-91ae-364da2661108	N/A