Search for vulnerabilities
Vulnerability details: VCID-c3ku-wm5m-nucq
Vulnerability ID VCID-c3ku-wm5m-nucq
Aliases CVE-2024-54658
Summary The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54658.json
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2024-54658
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-54658
cvssv3.1 6.5 https://support.apple.com/en-us/120881
ssvc Track https://support.apple.com/en-us/120881
cvssv3.1 6.5 https://support.apple.com/en-us/120882
ssvc Track https://support.apple.com/en-us/120882
cvssv3.1 6.5 https://support.apple.com/en-us/120883
ssvc Track https://support.apple.com/en-us/120883
cvssv3.1 6.5 https://support.apple.com/en-us/120893
ssvc Track https://support.apple.com/en-us/120893
cvssv3.1 6.5 https://support.apple.com/en-us/120894
ssvc Track https://support.apple.com/en-us/120894
cvssv3.1 6.5 https://support.apple.com/en-us/120895
ssvc Track https://support.apple.com/en-us/120895
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54658.json
https://api.first.org/data/v1/epss?cve=CVE-2024-54658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23280
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23284
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54658
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
120881 https://support.apple.com/en-us/120881
120882 https://support.apple.com/en-us/120882
120883 https://support.apple.com/en-us/120883
120893 https://support.apple.com/en-us/120893
120894 https://support.apple.com/en-us/120894
120895 https://support.apple.com/en-us/120895
2344946 https://bugzilla.redhat.com/show_bug.cgi?id=2344946
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2024-54658 https://nvd.nist.gov/vuln/detail/CVE-2024-54658
RHSA-2023:4201 https://access.redhat.com/errata/RHSA-2023:4201
RHSA-2024:9636 https://access.redhat.com/errata/RHSA-2024:9636
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54658.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54658
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/120881
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none


Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T15:01:02Z/ Found at https://support.apple.com/en-us/120881
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/120882
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none


Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T15:01:02Z/ Found at https://support.apple.com/en-us/120882
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/120883
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none


Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T15:01:02Z/ Found at https://support.apple.com/en-us/120883
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/120893
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none


Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T15:01:02Z/ Found at https://support.apple.com/en-us/120893
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/120894
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none


Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T15:01:02Z/ Found at https://support.apple.com/en-us/120894
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/120895
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none


Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T15:01:02Z/ Found at https://support.apple.com/en-us/120895
Exploit Prediction Scoring System (EPSS)
Percentile 0.33715
EPSS Score 0.00132
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:52:38.759098+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2024/54xxx/CVE-2024-54658.json 37.0.0