VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-z18a-4d6n-p3bb

Essentials
Severities (95)
References (29)
Severity details (17)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-z18a-4d6n-p3bb
Aliases	CVE-2024-54534
Summary	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
Status	Published
Exploitability	0.5
Weighted Severity	8.8
Risk	4.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-787

Out-of-bounds Write

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54534.json
cvssv3	9.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54534.json
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00107	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00107	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00107	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00107	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00138	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
epss	0.00209	https://api.first.org/data/v1/epss?cve=CVE-2024-54534
cvssv3.1	8.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	9.8	https://nvd.nist.gov/vuln/detail/CVE-2024-54534
cvssv3.1	9.8	https://nvd.nist.gov/vuln/detail/CVE-2024-54534
cvssv3.1	8.8	https://support.apple.com/en-us/121837
ssvc	Track	https://support.apple.com/en-us/121837
cvssv3.1	8.8	https://support.apple.com/en-us/121839
ssvc	Track	https://support.apple.com/en-us/121839
cvssv3.1	8.8	https://support.apple.com/en-us/121843
ssvc	Track	https://support.apple.com/en-us/121843
cvssv3.1	8.8	https://support.apple.com/en-us/121844
ssvc	Track	https://support.apple.com/en-us/121844
cvssv3.1	8.8	https://support.apple.com/en-us/121845
ssvc	Track	https://support.apple.com/en-us/121845
cvssv3.1	8.8	https://support.apple.com/en-us/121846
ssvc	Track	https://support.apple.com/en-us/121846

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54534.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-54534
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54534
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://security.netapp.com/advisory/ntap-20250418-0002/
121837		https://support.apple.com/en-us/121837
121839		https://support.apple.com/en-us/121839
121843		https://support.apple.com/en-us/121843
121844		https://support.apple.com/en-us/121844
121845		https://support.apple.com/en-us/121845
121846		https://support.apple.com/en-us/121846
2333846		https://bugzilla.redhat.com/show_bug.cgi?id=2333846
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-54534		https://nvd.nist.gov/vuln/detail/CVE-2024-54534
RHSA-2024:8180		https://access.redhat.com/errata/RHSA-2024:8180
RHSA-2024:8492		https://access.redhat.com/errata/RHSA-2024:8492
RHSA-2024:8496		https://access.redhat.com/errata/RHSA-2024:8496
RHSA-2024:9553		https://access.redhat.com/errata/RHSA-2024:9553
RHSA-2024:9636		https://access.redhat.com/errata/RHSA-2024:9636
RHSA-2024:9646		https://access.redhat.com/errata/RHSA-2024:9646
RHSA-2024:9653		https://access.redhat.com/errata/RHSA-2024:9653
RHSA-2024:9679		https://access.redhat.com/errata/RHSA-2024:9679
RHSA-2024:9680		https://access.redhat.com/errata/RHSA-2024:9680

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54534.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54534.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54534

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54534

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121837

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-13T18:42:40Z/ Found at https://support.apple.com/en-us/121837

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121839

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-13T18:42:40Z/ Found at https://support.apple.com/en-us/121839

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121843

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-13T18:42:40Z/ Found at https://support.apple.com/en-us/121843

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121844

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-13T18:42:40Z/ Found at https://support.apple.com/en-us/121844

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121845

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-13T18:42:40Z/ Found at https://support.apple.com/en-us/121845

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121846

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-13T18:42:40Z/ Found at https://support.apple.com/en-us/121846

Exploit Prediction Scoring System (EPSS)

Percentile	0.12177
EPSS Score	0.00044
Published At	Dec. 13, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-12-13T15:05:01.477196+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2024-54534	35.0.0