VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-nkdv-tzxp-guct

Essentials
Severities (83)
References (25)
Severity details (14)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-nkdv-tzxp-guct
Aliases	CVE-2025-24264
Summary	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Status	Published
Exploitability	0.5
Weighted Severity	7.9
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24264.json
epss	0.00067	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00074	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
epss	0.00114	https://api.first.org/data/v1/epss?cve=CVE-2025-24264
cvssv3.1	8.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	9.8	https://support.apple.com/en-us/122371
ssvc	Track	https://support.apple.com/en-us/122371
cvssv3.1	9.8	https://support.apple.com/en-us/122372
ssvc	Track	https://support.apple.com/en-us/122372
cvssv3.1	9.8	https://support.apple.com/en-us/122373
ssvc	Track	https://support.apple.com/en-us/122373
cvssv3.1	9.8	https://support.apple.com/en-us/122377
ssvc	Track	https://support.apple.com/en-us/122377
cvssv3.1	9.8	https://support.apple.com/en-us/122378
ssvc	Track	https://support.apple.com/en-us/122378
cvssv3.1	9.8	https://support.apple.com/en-us/122379
ssvc	Track	https://support.apple.com/en-us/122379

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24264.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-24264
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24264
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
122371		https://support.apple.com/en-us/122371
122372		https://support.apple.com/en-us/122372
122373		https://support.apple.com/en-us/122373
122377		https://support.apple.com/en-us/122377
122378		https://support.apple.com/en-us/122378
122379		https://support.apple.com/en-us/122379
2357918		https://bugzilla.redhat.com/show_bug.cgi?id=2357918
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
CVE-2025-24264		https://nvd.nist.gov/vuln/detail/CVE-2025-24264
RHSA-2023:4201		https://access.redhat.com/errata/RHSA-2023:4201
RHSA-2023:4202		https://access.redhat.com/errata/RHSA-2023:4202
RHSA-2024:8496		https://access.redhat.com/errata/RHSA-2024:8496
RHSA-2024:9653		https://access.redhat.com/errata/RHSA-2024:9653
RHSA-2024:9679		https://access.redhat.com/errata/RHSA-2024:9679
RHSA-2024:9680		https://access.redhat.com/errata/RHSA-2024:9680
USN-7436-1		https://usn.ubuntu.com/7436-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24264.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/122371

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-01T13:17:25Z/ Found at https://support.apple.com/en-us/122371

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/122372

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-01T13:17:25Z/ Found at https://support.apple.com/en-us/122372

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/122373

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-01T13:17:25Z/ Found at https://support.apple.com/en-us/122373

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/122377

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-01T13:17:25Z/ Found at https://support.apple.com/en-us/122377

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/122378

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-01T13:17:25Z/ Found at https://support.apple.com/en-us/122378

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/122379

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-01T13:17:25Z/ Found at https://support.apple.com/en-us/122379

Exploit Prediction Scoring System (EPSS)

Percentile	0.17919
EPSS Score	0.00067
Published At	April 5, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-04-03T13:21:58.195110+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	36.0.0