CVE-2024-54479
Description
The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2024-54479 is a denial-of-service vulnerability in Apple WebKit that allows a crash via malicious web content, fixed in recent OS updates.
Background
CVE-2024-54479 is a vulnerability in Apple's WebKit engine that can be triggered by processing maliciously crafted web content, leading to an unexpected process crash. The issue was addressed with improved checks. [1][2][3][4]
Exploitation
An attacker could exploit this vulnerability by convincing a user to view a specially crafted web page, potentially via email, a malicious link, or other web-based attack vectors. No authentication is required, only user interaction.
Impact
Successful exploitation would cause the web content process to crash, resulting in a denial of service. The vulnerability does not appear to allow arbitrary code execution, but disruption of service is possible.
Mitigation
Apple has released patches for this issue in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, and watchOS 11.2. Users should update their devices to the latest available versions. [1][2][3][4]
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
53cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <18.2
- (no CPE)range: <18.2
- Range: <15.2
- Range: <18.2
- osv-coords43 versionspkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-develpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
< 2.46.5-1.el8_10+ 42 more
- (no CPE)range: < 2.46.5-1.el8_10
- (no CPE)range: < 2.46.5-1.el8_10
- (no CPE)range: < 2.46.5-1.el8_10
- (no CPE)range: < 2.46.5-1.el8_10
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.6-150200.133.1
- (no CPE)range: < 2.46.6-150200.133.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.5-4.25.1
- (no CPE)range: < 2.46.6-150200.133.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.6-150200.133.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-4.25.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.5-150600.12.24.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
- (no CPE)range: < 2.46.5-150400.4.103.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- support.apple.com/en-us/121837nvdVendor Advisory
- support.apple.com/en-us/121838nvdVendor Advisory
- support.apple.com/en-us/121839nvdVendor Advisory
- support.apple.com/en-us/121843nvdVendor Advisory
- support.apple.com/en-us/121844nvdVendor Advisory
- support.apple.com/en-us/121845nvdVendor Advisory
- support.apple.com/en-us/121846nvdVendor Advisory
- seclists.org/fulldisclosure/2024/Dec/10nvd
- seclists.org/fulldisclosure/2024/Dec/13nvd
- seclists.org/fulldisclosure/2024/Dec/6nvd
- seclists.org/fulldisclosure/2024/Dec/7nvd
- lists.debian.org/debian-lts-announce/2025/01/msg00002.htmlnvd
News mentions
0No linked articles in our index yet.