VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-ejf5-779w-vqct

Essentials
Severities (82)
References (30)
Severity details (14)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-ejf5-779w-vqct
Aliases	CVE-2025-24216
Summary	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Status	Published
Exploitability	0.5
Weighted Severity	7.9
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24216.json
epss	0.00033	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00033	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00034	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00037	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00037	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00054	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
epss	0.00072	https://api.first.org/data/v1/epss?cve=CVE-2025-24216
cvssv3.1	4.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	4.3	https://support.apple.com/en-us/122371
ssvc	Track	https://support.apple.com/en-us/122371
cvssv3.1	4.3	https://support.apple.com/en-us/122372
ssvc	Track	https://support.apple.com/en-us/122372
cvssv3.1	4.3	https://support.apple.com/en-us/122373
ssvc	Track	https://support.apple.com/en-us/122373
cvssv3.1	4.3	https://support.apple.com/en-us/122377
ssvc	Track	https://support.apple.com/en-us/122377
cvssv3.1	4.3	https://support.apple.com/en-us/122378
ssvc	Track	https://support.apple.com/en-us/122378
cvssv3.1	4.3	https://support.apple.com/en-us/122379
ssvc	Track	https://support.apple.com/en-us/122379

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24216.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-24216
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24216
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
122371		https://support.apple.com/en-us/122371
122372		https://support.apple.com/en-us/122372
122373		https://support.apple.com/en-us/122373
122377		https://support.apple.com/en-us/122377
122378		https://support.apple.com/en-us/122378
122379		https://support.apple.com/en-us/122379
2357917		https://bugzilla.redhat.com/show_bug.cgi?id=2357917
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
CVE-2025-24216		https://nvd.nist.gov/vuln/detail/CVE-2025-24216
RHSA-2025:3713		https://access.redhat.com/errata/RHSA-2025:3713
RHSA-2025:3755		https://access.redhat.com/errata/RHSA-2025:3755
RHSA-2025:3756		https://access.redhat.com/errata/RHSA-2025:3756
RHSA-2025:3974		https://access.redhat.com/errata/RHSA-2025:3974
RHSA-2025:4445		https://access.redhat.com/errata/RHSA-2025:4445
RHSA-2025:7387		https://access.redhat.com/errata/RHSA-2025:7387
RHSA-2025:7998		https://access.redhat.com/errata/RHSA-2025:7998
RHSA-2025:8064		https://access.redhat.com/errata/RHSA-2025:8064
RHSA-2025:8065		https://access.redhat.com/errata/RHSA-2025:8065
RHSA-2025:8066		https://access.redhat.com/errata/RHSA-2025:8066
RHSA-2025:8194		https://access.redhat.com/errata/RHSA-2025:8194
USN-7436-1		https://usn.ubuntu.com/7436-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24216.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://support.apple.com/en-us/122371

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:13:08Z/ Found at https://support.apple.com/en-us/122371

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://support.apple.com/en-us/122372

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:13:08Z/ Found at https://support.apple.com/en-us/122372

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://support.apple.com/en-us/122373

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:13:08Z/ Found at https://support.apple.com/en-us/122373

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://support.apple.com/en-us/122377

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:13:08Z/ Found at https://support.apple.com/en-us/122377

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://support.apple.com/en-us/122378

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:13:08Z/ Found at https://support.apple.com/en-us/122378

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://support.apple.com/en-us/122379

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:13:08Z/ Found at https://support.apple.com/en-us/122379

Exploit Prediction Scoring System (EPSS)

Percentile	0.06217
EPSS Score	0.00033
Published At	April 2, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-04-03T13:21:57.403153+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	36.0.0