VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-jrgs-3y81-zbdh

Essentials
Severities (95)
References (30)
Severity details (18)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-jrgs-3y81-zbdh
Aliases	CVE-2024-54505
Summary	A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
Status	Published
Exploitability	0.5
Weighted Severity	7.9
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54505.json
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00102	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00106	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00106	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00106	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00106	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00112	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00132	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00155	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00155	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00155	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00173	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00177	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00177	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00177	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
epss	0.00185	https://api.first.org/data/v1/epss?cve=CVE-2024-54505
cvssv3.1	7.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2024-54505
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2024-54505
cvssv3.1	6.5	https://support.apple.com/en-us/121837
ssvc	Track	https://support.apple.com/en-us/121837
cvssv3.1	6.5	https://support.apple.com/en-us/121838
ssvc	Track	https://support.apple.com/en-us/121838
cvssv3.1	6.5	https://support.apple.com/en-us/121839
ssvc	Track	https://support.apple.com/en-us/121839
cvssv3.1	6.5	https://support.apple.com/en-us/121843
ssvc	Track	https://support.apple.com/en-us/121843
cvssv3.1	6.5	https://support.apple.com/en-us/121844
ssvc	Track	https://support.apple.com/en-us/121844
cvssv3.1	6.5	https://support.apple.com/en-us/121845
ssvc	Track	https://support.apple.com/en-us/121845
cvssv3.1	6.5	https://support.apple.com/en-us/121846
ssvc	Track	https://support.apple.com/en-us/121846

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54505.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-54505
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54505
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
121837		https://support.apple.com/en-us/121837
121838		https://support.apple.com/en-us/121838
121839		https://support.apple.com/en-us/121839
121843		https://support.apple.com/en-us/121843
121844		https://support.apple.com/en-us/121844
121845		https://support.apple.com/en-us/121845
121846		https://support.apple.com/en-us/121846
2333844		https://bugzilla.redhat.com/show_bug.cgi?id=2333844
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-54505		https://nvd.nist.gov/vuln/detail/CVE-2024-54505
RHSA-2025:0145		https://access.redhat.com/errata/RHSA-2025:0145
RHSA-2025:0146		https://access.redhat.com/errata/RHSA-2025:0146
RHSA-2025:0226		https://access.redhat.com/errata/RHSA-2025:0226
RHSA-2025:0276		https://access.redhat.com/errata/RHSA-2025:0276
RHSA-2025:0277		https://access.redhat.com/errata/RHSA-2025:0277
RHSA-2025:0278		https://access.redhat.com/errata/RHSA-2025:0278
RHSA-2025:0279		https://access.redhat.com/errata/RHSA-2025:0279
RHSA-2025:0282		https://access.redhat.com/errata/RHSA-2025:0282
RHSA-2025:0283		https://access.redhat.com/errata/RHSA-2025:0283
USN-7201-1		https://usn.ubuntu.com/7201-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54505.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54505

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54505

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121837

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121837

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121838

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121838

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121839

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121839

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121843

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121843

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121844

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121844

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121845

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121845

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/121846

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T19:08:31Z/ Found at https://support.apple.com/en-us/121846

Exploit Prediction Scoring System (EPSS)

Percentile	0.12177
EPSS Score	0.00044
Published At	Dec. 13, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-12-13T02:48:55.633871+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2024/54xxx/CVE-2024-54505.json	35.0.0