CVE-2024-54658

Published: Feb 10, 2025Modified: Apr 2, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to a denial-of-service.

Affected (7)

Products: Apple: Ipados, Iphone Os, Macos, Safari, Tvos, Visionos, Watchos

7 products

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 17.4
Apple Iphone Os	Before 17.4
Apple Macos	Before 14.4
Apple Safari	Before 17.4
Apple Tvos	Before 17.4
Apple Visionos	Before 1.1
Apple Watchos	Before 10.4

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (6)

https://support.apple.com/en-us/120881

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/120882

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/120883

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/120893

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/120894

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/120895

Source: product-security@apple.com

Vendor Advisory

Timeline

No history available yet.