CVE-2024-44185

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

he issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.

References

Link	Resource
https://support.apple.com/en-us/120909	Release Notes Vendor Advisory
https://support.apple.com/en-us/120911	Release Notes Vendor Advisory
https://support.apple.com/en-us/120913	Release Notes Vendor Advisory
https://support.apple.com/en-us/120914	Release Notes Vendor Advisory
https://support.apple.com/en-us/120915	Release Notes Vendor Advisory
https://support.apple.com/en-us/120916	Release Notes Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

03 Nov 2025, 22:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html -

29 Oct 2024, 15:22

Type	Values Removed	Values Added
References	~~() https://support.apple.com/en-us/120909 -~~	() https://support.apple.com/en-us/120909 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/120911 -~~	() https://support.apple.com/en-us/120911 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/120913 -~~	() https://support.apple.com/en-us/120913 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/120914 -~~	() https://support.apple.com/en-us/120914 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/120915 -~~	() https://support.apple.com/en-us/120915 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/120916 -~~	() https://support.apple.com/en-us/120916 - Release Notes, Vendor Advisory
CWE		NVD-CWE-noinfo
First Time		Apple safari Apple ipados Apple macos Apple Apple visionos Apple watchos Apple tvos Apple iphone Os
CPE		cpe:2.3:a:apple:safari:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:watchos:::::::: cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:visionos::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

25 Oct 2024, 12:56

Type	Values Removed	Values Added
Summary		(es) El problema se solucionó con comprobaciones mejoradas. Este problema se solucionó en tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 y iPadOS 17.6, macOS Sonoma 14.6. El procesamiento de contenido web manipulado con fines malintencionados puede provocar un bloqueo inesperado del proceso.

24 Oct 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-24 17:15

Updated : 2025-11-03 22:18

NVD link : CVE-2024-44185

Mitre link : CVE-2024-44185

CVE.ORG link : CVE-2024-44185

JSON object : View

Products Affected

apple

CWE

NVD-CWE-noinfo

5.5 /10