VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-6zcj-hsvn-ufaw

Essentials
Severities (92)
References (29)
Severity details (17)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-6zcj-hsvn-ufaw
Aliases	CVE-2024-54508
Summary	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-20

Improper Input Validation

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54508.json
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54508.json
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00184	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00184	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00238	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00267	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00297	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00323	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00323	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00323	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00369	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2024-54508
cvssv3.1	6.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2024-54508
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2024-54508
cvssv3.1	7.5	https://support.apple.com/en-us/121837
ssvc	Track	https://support.apple.com/en-us/121837
cvssv3.1	7.5	https://support.apple.com/en-us/121839
ssvc	Track	https://support.apple.com/en-us/121839
cvssv3.1	7.5	https://support.apple.com/en-us/121843
ssvc	Track	https://support.apple.com/en-us/121843
cvssv3.1	7.5	https://support.apple.com/en-us/121844
ssvc	Track	https://support.apple.com/en-us/121844
cvssv3.1	7.5	https://support.apple.com/en-us/121845
ssvc	Track	https://support.apple.com/en-us/121845
cvssv3.1	7.5	https://support.apple.com/en-us/121846
ssvc	Track	https://support.apple.com/en-us/121846

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54508.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-54508
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54508
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
121837		https://support.apple.com/en-us/121837
121839		https://support.apple.com/en-us/121839
121843		https://support.apple.com/en-us/121843
121844		https://support.apple.com/en-us/121844
121845		https://support.apple.com/en-us/121845
121846		https://support.apple.com/en-us/121846
2333845		https://bugzilla.redhat.com/show_bug.cgi?id=2333845
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-54508		https://nvd.nist.gov/vuln/detail/CVE-2024-54508
RHSA-2025:0145		https://access.redhat.com/errata/RHSA-2025:0145
RHSA-2025:0146		https://access.redhat.com/errata/RHSA-2025:0146
RHSA-2025:0226		https://access.redhat.com/errata/RHSA-2025:0226
RHSA-2025:0276		https://access.redhat.com/errata/RHSA-2025:0276
RHSA-2025:0277		https://access.redhat.com/errata/RHSA-2025:0277
RHSA-2025:0278		https://access.redhat.com/errata/RHSA-2025:0278
RHSA-2025:0279		https://access.redhat.com/errata/RHSA-2025:0279
RHSA-2025:0282		https://access.redhat.com/errata/RHSA-2025:0282
RHSA-2025:0283		https://access.redhat.com/errata/RHSA-2025:0283
USN-7201-1		https://usn.ubuntu.com/7201-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54508.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54508.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54508

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54508

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121837

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-16T18:36:10Z/ Found at https://support.apple.com/en-us/121837

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121839

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-16T18:36:10Z/ Found at https://support.apple.com/en-us/121839

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121843

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-16T18:36:10Z/ Found at https://support.apple.com/en-us/121843

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121844

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-16T18:36:10Z/ Found at https://support.apple.com/en-us/121844

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121845

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-16T18:36:10Z/ Found at https://support.apple.com/en-us/121845

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121846

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-16T18:36:10Z/ Found at https://support.apple.com/en-us/121846

Exploit Prediction Scoring System (EPSS)

Percentile	0.12177
EPSS Score	0.00044
Published At	Dec. 13, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-12-13T15:05:01.227958+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2024-54508	35.0.0