cbcvebase.
CVE-2024-27856
published 2025-01-15

CVE-2024-27856: The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a file may lead to unexpected app termination or arbitrary code execution.

Affected

20 ranges
VendorProductVersion rangeFixed in
appleios_16.7.8_and_ipados
appleios_17.5_and_ipados
appleios_and_ipados< 16.7.816.7.8
appleios_and_ipados< 17.517.5
appleipados< 16.7.816.7.8
appleipados>= 17.0 < 17.517.5
appleiphone_os< 16.7.816.7.8
appleiphone_os>= 17.0 < 17.517.5
applemacos< 14.514.5
applemacos_sonoma
applesafari< 17.517.5
applesafari
appletvos< 17.517.5
appletvos
applevisionos< 1.21.2
applevisionos
applewatchos< 10.510.5
applewatchos
debianwebkit2gtk< webkit2gtk 2.46.0-2~deb12u1 (bookworm)webkit2gtk 2.46.0-2~deb12u1 (bookworm)
debianwpewebkit< webkit2gtk 2.46.0-2~deb12u1 (bookworm)webkit2gtk 2.46.0-2~deb12u1 (bookworm)

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH