CVE-2024-54540

CVE Database · CVE-2024-54540

CVE-2024-54540

· MEDIUMModified

CVSS v3.1

4.3

EPSS

0.21%

Published

Jan 15, 2025

Modified

Mar 24, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The issue was addressed with improved input sanitization. This issue is fixed in Apple Music 1.5.0.152 for Windows. Processing maliciously crafted web content may disclose internal states of the app.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-79

Affected Products (4)

apple · music (up to 1.5.0.152)vulnerable

microsoft · windows_10_22h2

microsoft · windows_11_24h2

References (1)

https://support.apple.com/en-us/122043

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs