Lucene search

AppleCVE-2024-40782

HistoryJul 29, 2024 - 11:15 p.m.

CVE-2024-40782

2024-07-2923:15:11

CWE-416

apple

web.nvd.nist.gov

use-after-free

memory management

ios

ipados

safari

watchos

tvos

visionos

macos sonoma

unexpected process crash

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

Low

EPSS

0.001

Percentile

17.6%

JSON

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.

Affected configurations

Vulners

Vulnrichment

Node

applesafariRange<17.6

iphone_osRange<17.6

ipad_osRange<17.6

iphone_osRange<16.7

ipad_osRange<16.7

watchosRange<10.6

macosRange<14.6

visionosRange<1.3

tvosRange<17.6

VendorProductVersionCPE
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
*iphone_os*cpe:2.3:apple:*:iphone_os:*:*:*:*:*:*:*:*
*ipad_os*cpe:2.3:apple:*:ipad_os:*:*:*:*:*:*:*:*
*watchos*cpe:2.3:apple:*:watchos:*:*:*:*:*:*:*:*
*macos*cpe:2.3:apple:*:macos:*:*:*:*:*:*:*:*
*visionos*cpe:2.3:apple:*:visionos:*:*:*:*:*:*:*:*
*tvos*cpe:2.3:apple:*:tvos:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	safari	*	cpe:2.3:a:apple:safari::::::::
*	iphone_os	*	cpe:2.3:apple::iphone_os::::::::*
*	ipad_os	*	cpe:2.3:apple::ipad_os::::::::*
*	watchos	*	cpe:2.3:apple::watchos::::::::*
*	macos	*	cpe:2.3:apple::macos::::::::*
*	visionos	*	cpe:2.3:apple::visionos::::::::*
*	tvos	*	cpe:2.3:apple::tvos::::::::*

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "Safari",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "17.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "17.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "16.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "10.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "14.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "visionOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "1.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "tvOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "17.6",
        "versionType": "custom"
      }
    ]
  }
]