6.5

CVE-2024-40789

EPSS 0.94%
Veröffentlicht 29.07.2024 23:15:12
Zuletzt bearbeitet 02.04.2026 19:17:44
Quelle product-security@apple.com
CVE-Watchlists
Login
Unerledigt
Login

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 31

NVD 9 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Safari Version < 17.6

Apple ≫ iPadOS Version < 16.7.9

Apple ≫ iPadOS Version >= 17.0 < 17.6

Apple ≫ iPhone OS Version < 16.7.9

Apple ≫ iPhone OS Version >= 17.0 < 17.6

Apple ≫ macOS Version < 14.6

Apple ≫ tvOS Version < 17.6

Apple ≫ visionOS Version < 1.3

Apple ≫ watchOS Version < 10.6

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.94%	0.764

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2024/Jul/18

Third Party Advisory

Mailing List

https://support.apple.com/kb/HT214119

http://seclists.org/fulldisclosure/2024/Jul/16

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/17

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/21

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/22

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/23

Third Party Advisory

Mailing List

https://support.apple.com/kb/HT214116

https://support.apple.com/kb/HT214117

https://support.apple.com/kb/HT214122

https://support.apple.com/kb/HT214124

http://seclists.org/fulldisclosure/2024/Jul/15

Third Party Advisory

Mailing List

https://support.apple.com/en-us/HT214123

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214119

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214117

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214122

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214124

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214116

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214121

Vendor Advisory

Release Notes

https://support.apple.com/kb/HT214121

Vendor Advisory

Release Notes

https://support.apple.com/en-us/120915

https://support.apple.com/en-us/120911

https://support.apple.com/en-us/120909

https://support.apple.com/en-us/120913

https://support.apple.com/en-us/120914

https://support.apple.com/en-us/120916

https://support.apple.com/en-us/120908

https://lists.debian.org/debian-lts-announce/2024/09/msg00006.html

https://nvd.nist.gov/vuln/detail/CVE-2024-40789

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-40789

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-40789

EUVD