An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
History

Wed, 30 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 29 Oct 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_e4s:9.0
cpe:/a:redhat:rhel_eus:9.2
Vendors & Products Redhat rhel E4s
Redhat rhel Eus

Thu, 17 Oct 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

Tue, 27 Aug 2024 19:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125
References
Metrics threat_severity

Important

threat_severity

Moderate


Fri, 23 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple visionos
Apple watchos
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple visionos
Apple watchos
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-07-29T22:16:57.905Z

Updated: 2024-10-30T14:23:38.110Z

Reserved: 2024-07-10T17:11:04.689Z

Link: CVE-2024-40789

cve-icon Vulnrichment

Updated: 2024-08-02T04:39:54.706Z

cve-icon NVD

Status : Modified

Published: 2024-07-29T23:15:12.270

Modified: 2024-10-30T15:35:13.230

Link: CVE-2024-40789

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-07-29T00:00:00Z

Links: CVE-2024-40789 - Bugzilla