CVE-2024-44244

CWE-787Out-of-bounds WriteCWE-78814 documents8 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 48.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Apple IOS AND IpadosApple MacosApple Safari+5 more
Timeline
PublishedOct 28
Latest updateNov 18

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may lead to an unexpected process crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages16 packages

CVEListV5apple/tvos< 18.1
NVDapple/tvos< 18.1
CVEListV5apple/macos< 15.1
NVDapple/macos< 15.1
CVEListV5apple/safari< 18.1

🔴Vulnerability Details

4
CVEList
CVE-2024-44244: A memory corruption issue was addressed with improved input validation2024-10-28
OSV
CVE-2024-44244: A memory corruption issue was addressed with improved input validation2024-10-28
GHSA
GHSA-jpwg-q62q-pwpw: A memory corruption issue was addressed with improved input validation2024-10-28
OSV
CVE-2024-44244: A memory corruption issue was addressed with improved input validation2024-10-28

📋Vendor Advisories

9
Ubuntu
WebKitGTK vulnerabilities2024-11-18
Apple
CVE-2024-44244: Safari18.12024-10-29
Apple
CVE-2024-44244: watchOS11.12024-10-28
Apple
CVE-2024-44244: macOS Sequoia 15.12024-10-28
Apple
CVE-2024-44244: iOS 18.1 and iPadOS 18.12024-10-28
CVE-2024-44244 (MEDIUM CVSS 4.3) | A memory corruption issue was addre | cvebase.io