Lucene search

K

[email protected]NVD:CVE-2024-40782

HistoryJul 29, 2024 - 11:15 p.m.

CVE-2024-40782

2024-07-2923:15:11

CWE-416

[email protected]

web.nvd.nist.gov

5

use-after-free

ios 16.7.9

ipados 16.7.9

safari 17.6

watchos 10.6

tvos 17.6

visionos 1.3

macos sonoma 14.6

memory management

unexpected process crash

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.6%

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.

References

seclists.org/fulldisclosure/2024/Jul/15

seclists.org/fulldisclosure/2024/Jul/16

seclists.org/fulldisclosure/2024/Jul/17

seclists.org/fulldisclosure/2024/Jul/18

seclists.org/fulldisclosure/2024/Jul/21

seclists.org/fulldisclosure/2024/Jul/22

seclists.org/fulldisclosure/2024/Jul/23

support.apple.com/en-us/HT214116

support.apple.com/en-us/HT214117

support.apple.com/en-us/HT214119

support.apple.com/en-us/HT214121

support.apple.com/en-us/HT214122

support.apple.com/en-us/HT214123

support.apple.com/en-us/HT214124

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.6%

Related for NVD:CVE-2024-40782

osv7 cvelist1 vulnrichment1 redhatcve1 debiancve1 cve1 nessus14 openvas14 fedora3 apple7