Description
The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | tvOS | affected |
|
||||||
| Apple | visionOS | affected |
|
||||||
| Apple | macOS | affected |
|
||||||
| Apple | watchOS | affected |
|
||||||
| Apple | iOS and iPadOS | affected |
|
||||||
| Apple | Safari | affected |
|
Configuration 1 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | |||
| webkitgtk4-0:2.48.3-2.el7_9 | cpe:/o:redhat:rhel_els:7 | RHSA-2025:10364 | 2025-07-07T00:00:00Z |
| Red Hat Enterprise Linux 8 | |||
| webkit2gtk3-0:2.46.5-1.el8_10 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2025:0145 | 2025-01-09T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | |||
| webkit2gtk3-0:2.46.5-1.el8_2 | cpe:/a:redhat:rhel_aus:8.2 | RHSA-2025:0276 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | |||
| webkit2gtk3-0:2.46.5-1.el8_4 | cpe:/a:redhat:rhel_aus:8.4 | RHSA-2025:0278 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | |||
| webkit2gtk3-0:2.46.5-1.el8_4 | cpe:/a:redhat:rhel_tus:8.4 | RHSA-2025:0278 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | |||
| webkit2gtk3-0:2.46.5-1.el8_4 | cpe:/a:redhat:rhel_e4s:8.4 | RHSA-2025:0278 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | |||
| webkit2gtk3-0:2.46.5-1.el8_6 | cpe:/a:redhat:rhel_aus:8.6 | RHSA-2025:0277 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | |||
| webkit2gtk3-0:2.46.5-1.el8_6 | cpe:/a:redhat:rhel_tus:8.6 | RHSA-2025:0277 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | |||
| webkit2gtk3-0:2.46.5-1.el8_6 | cpe:/a:redhat:rhel_e4s:8.6 | RHSA-2025:0277 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Extended Update Support | |||
| webkit2gtk3-0:2.46.5-1.el8_8 | cpe:/a:redhat:rhel_eus:8.8 | RHSA-2025:0279 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 9 | |||
| webkit2gtk3-0:2.46.5-1.el9_5 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2025:0146 | 2025-01-09T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | |||
| webkit2gtk3-0:2.46.5-1.el9_0 | cpe:/a:redhat:rhel_e4s:9.0 | RHSA-2025:0283 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Extended Update Support | |||
| webkit2gtk3-0:2.46.5-1.el9_2 | cpe:/a:redhat:rhel_eus:9.2 | RHSA-2025:0282 | 2025-01-13T00:00:00Z |
| Red Hat Enterprise Linux 9.4 Extended Update Support | |||
| webkit2gtk3-0:2.46.5-1.el9_4 | cpe:/a:redhat:rhel_eus:9.4 | RHSA-2025:0226 | 2025-01-09T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-4009-1 | webkit2gtk security update |
 Debian DSA |
DSA-5835-1 | webkit2gtk security update |
 EUVD |
EUVD-2024-52601 | The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. |
 Ubuntu USN |
USN-7201-1 | WebKitGTK vulnerabilities |
References
History
Mon, 03 Nov 2025 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 03 Nov 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 07 Jul 2025 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat rhel Els
|
|
| CPEs | cpe:/o:redhat:rhel_els:7 | |
| Vendors & Products |
Redhat rhel Els
|
Thu, 13 Feb 2025 00:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat
Redhat enterprise Linux Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
|
| CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
Wed, 25 Dec 2024 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | webkit: Processing maliciously crafted web content may lead to an unexpected process crash | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Wed, 18 Dec 2024 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple ipados Apple iphone Os Apple macos Apple safari Apple tvos Apple visionos Apple watchos |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Apple
Apple ipados Apple iphone Os Apple macos Apple safari Apple tvos Apple visionos Apple watchos |
Thu, 12 Dec 2024 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-125 | |
| Metrics |
cvssV3_1
|
Wed, 11 Dec 2024 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2025-11-03T22:31:17.057Z
Reserved: 2024-12-03T22:50:35.499Z
Link: CVE-2024-54502
Vulnrichment
Updated: 2025-11-03T22:31:17.057Z
NVD
Status : Modified
Published: 2024-12-12T02:15:30.957
Modified: 2025-11-03T23:17:26.870
Link: CVE-2024-54502
Redhat
OpenCVE Enrichment
No data.
Weaknesses