{"vulnerability": "CVE-2024-4549", "sightings": [{"uuid": "f7868ff0-c224-447d-9eab-0cb7c36d91cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45496", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2024", "content": "", "creation_timestamp": "2024-09-17T08:33:44.000000Z"}, {"uuid": "3d81c6cd-8493-420d-8955-dddaabdd1fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45496", "type": "published-proof-of-concept", "source": "Telegram/3SEzWsXdf8TByVUaB-OgVj6bLDcmIrVBMSBDXfTff8j0U4c", "content": "", "creation_timestamp": "2025-10-29T21:00:05.000000Z"}, {"uuid": "5cd56115-3eca-4793-9c4e-a90df2867413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45496", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/13398", "content": "\u200aCritical Flaws in Red Hat OpenShift: CVE-2024-45496 (CVSS 9.9) &amp; CVE-2024-7387 (CVSS 9.1)\n\nhttps://securityonline.info/flaws-in-red-hat-openshift-cve-2024-45496-cve-2024-7387/", "creation_timestamp": "2024-09-18T09:07:12.000000Z"}, {"uuid": "8db0aea3-d421-4659-9a6d-2fad4e80c5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45498", "type": "seen", "source": "https://t.me/cvedetector/5012", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45498 - Apache Airflow Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45498 \nPublished : Sept. 7, 2024, 8:15 a.m. | 34\u00a0minutes ago \nDescription : Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the dangerous example; see   \u00a0for more information. We recommend against exposing the example DAGs in your deployment. If you must expose the example DAGs, upgrade Airflow to version 2.10.1 or later. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T10:59:08.000000Z"}, {"uuid": "3bd84482-7f60-4ea5-b1fc-64f63cd586ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-317-01", "content": "", "creation_timestamp": "2024-11-12T12:00:00.000000Z"}, {"uuid": "c82e3c88-77f0-42f3-b607-869f0c5a193a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45491", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-317-01", "content": "", "creation_timestamp": "2024-11-12T12:00:00.000000Z"}, {"uuid": "b1a40b0d-e576-4952-b670-870d92c8c8c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45492", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-317-01", "content": "", "creation_timestamp": "2024-11-12T12:00:00.000000Z"}, {"uuid": "7e86b34f-b4fa-4b0f-967d-c2a36e1d1aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45492", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "d68e6749-77a7-4f09-aaa0-41963f769e80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "4619dacd-fcae-4ddf-bfa9-2886e7f62e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45491", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "67183549-71bc-4f2a-b74c-f386b781200d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3marpvokz3j2w", "content": "", "creation_timestamp": "2025-12-25T02:23:45.751139Z"}, {"uuid": "72a80cd5-7741-4f26-9cae-b31592e6b8d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45496", "type": "published-proof-of-concept", "source": "Telegram/D3mQBREINJrKJGuUtbwrIjm_5pF4z1L7KtO9lYr5193VrD4", "content": "", "creation_timestamp": "2025-11-11T09:00:05.000000Z"}, {"uuid": "892dc626-1911-4feb-b525-98ad0db37bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45496", "type": "seen", "source": "https://t.me/cvedetector/5781", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45496 - OpenShift Privilege Escalation Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45496 \nPublished : Sept. 17, 2024, 12:15 a.m. | 45\u00a0minutes ago \nDescription : A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An attacker with developer-level access can provide a crafted .gitconfig file containing commands executed during the cloning process, leading to arbitrary command execution on the worker node. An attacker running code in a privileged container could escalate their permissions on the node running the container. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T03:04:26.000000Z"}, {"uuid": "7be9cfb2-2e89-430a-82bb-9ec7aaefc612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45492", "type": "seen", "source": "https://t.me/cvedetector/4492", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45492 - Apache libexpat Integer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45492 \nPublished : Aug. 30, 2024, 3:15 a.m. | 18\u00a0minutes ago \nDescription : An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T05:37:08.000000Z"}, {"uuid": "673c74e9-5658-46b4-8b18-352240a45501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45491", "type": "seen", "source": "https://t.me/cvedetector/4493", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45491 - Exploit Material Handling Limited XML Parsing Integer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-45491 \nPublished : Aug. 30, 2024, 3:15 a.m. | 18\u00a0minutes ago \nDescription : An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T05:37:13.000000Z"}, {"uuid": "ebcbf8a9-bd18-41c7-8bd1-70c802f9ebe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://t.me/cvedetector/4494", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45490 - \"Apache Libexpat XML Parsing NULL Pointer Dereference Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-45490 \nPublished : Aug. 30, 2024, 3:15 a.m. | 18\u00a0minutes ago \nDescription : An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T05:37:13.000000Z"}, {"uuid": "5abb0129-a836-442c-acb0-51a1a0300f19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45495", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113564461785540005", "content": "", "creation_timestamp": "2024-11-29T04:56:07.893309Z"}, {"uuid": "6e1f2db7-4ed6-459e-a9f5-f9cbde55e1c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45497", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113745095078243743", "content": "", "creation_timestamp": "2024-12-31T02:33:33.297474Z"}, {"uuid": "12835d7a-1564-4496-a774-668fa397e130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3maqf2qmon22k", "content": "", "creation_timestamp": "2025-12-24T13:37:09.656727Z"}, {"uuid": "e0c70e43-c693-46e4-bfee-db6df84a7aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3maqfsrl6tk2k", "content": "", "creation_timestamp": "2025-12-24T13:50:35.057823Z"}, {"uuid": "d8b91956-46f6-4497-9130-4ab428229c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3maqlo4tna22k", "content": "", "creation_timestamp": "2025-12-24T15:35:23.172562Z"}, {"uuid": "dd1c4300-d168-44dd-aba0-a191cf8418d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://gist.github.com/alvinzane/770d6fbf8d62161d03f968a1cf4d42c6", "content": "", "creation_timestamp": "2026-02-27T15:36:34.000000Z"}, {"uuid": "00b12432-a705-4ac9-9944-892b680d4391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-45491", "type": "seen", "source": "https://gist.github.com/alvinzane/770d6fbf8d62161d03f968a1cf4d42c6", "content": "", "creation_timestamp": "2026-02-27T15:36:34.000000Z"}, {"uuid": "9a96ef54-6d28-420c-9df0-adcdf6683b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-45492", "type": "seen", "source": "https://gist.github.com/alvinzane/770d6fbf8d62161d03f968a1cf4d42c6", "content": "", "creation_timestamp": "2026-02-27T15:36:34.000000Z"}, {"uuid": "d5bac31d-f4df-4632-9892-8f97c29bbe54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7633", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45490\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.\n\ud83d\udccf Published: 2024-08-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-14T19:07:39.114Z\n\ud83d\udd17 References:\n1. https://github.com/libexpat/libexpat/pull/890\n2. https://github.com/libexpat/libexpat/issues/887", "creation_timestamp": "2025-03-14T19:45:03.000000Z"}, {"uuid": "6dbafd84-4c71-4168-9749-a6eff2f5d0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45497", "type": "seen", "source": "https://t.me/cvedetector/13970", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45497 - OpenShift Docker Build Path Traversal Privilege Escalation Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-45497 \nPublished : Dec. 31, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories. The mount is not read-only, which allows the attacker to overwrite it. By modifying the config.json file, the attacker can cause a denial of service by preventing the node from pulling new images and potentially exfiltrating sensitive secrets. This flaw impacts the availability of services dependent on image pulls and exposes sensitive information to unauthorized parties. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T05:20:28.000000Z"}, {"uuid": "8433e0f9-955c-4e6a-a212-3a0861184ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45494", "type": "seen", "source": "https://t.me/cvedetector/12527", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45494 - MSA Safety FieldServer Account Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45494 \nPublished : Dec. 10, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build revisions before 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected firmware versions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T19:08:57.000000Z"}, {"uuid": "6d3e1db2-e7f3-4737-ad0e-1b35ffd12f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45493", "type": "seen", "source": "https://t.me/cvedetector/12526", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45493 - MSA Safety FieldServer Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45493 \nPublished : Dec. 10, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build revisions before 7.0.0. The FieldServer Gateway has internal users, whose access is supposed to be restricted to login locally on the device. However, an attacker can bypass the check for this, which might allow them to authenticate with an internal user account from the network (if they know their password). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T19:08:56.000000Z"}, {"uuid": "593207ee-1509-4b36-8192-20e6a44c1f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://t.me/true_secator/6533", "content": "Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043f\u0430\u0442\u0447\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 iOS \u0438 macOS, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043e \u0440\u0438\u0441\u043a\u0430\u0445 \u0443\u0442\u0435\u0447\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0438 \u0430\u0442\u0430\u043a \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n\n\u0412\u044b\u0448\u0435\u0434\u0448\u0438\u0435 iOS 18.2 \u0438 macOS Sequoia 15.2 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435, \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 WebKit, AppleMobileFileIntegrity, Passwords \u0438 ImageIO.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 libexpat, \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0432 \u041f\u041e Apple.\n\n\u041e\u0448\u0438\u0431\u043a\u0430, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-45490, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 iOS 18.2 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0430\u0440\u0443 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 AppleMobileFileIntegrity, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\u00a0\n\nApple \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043e\u0448\u0438\u0431\u043e\u043a \u044f\u0434\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0438   \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0443 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u044f\u0434\u0440\u0430.\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0431\u0435\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0435 \u043e\u0441\u0442\u0430\u043b\u0441\u044f \u0434\u0432\u0438\u0436\u043e\u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 WebKit, \u0433\u0434\u0435 \u0437\u0430\u043a\u0440\u044b\u0442\u044b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044f\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u0438\u043b\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430.\n\nApple \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Passwords \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u0441\u044f \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0438, \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a.\u00a0\n\n\u0412 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 macOS Sequoia 15.2 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 IOMobileFrameBuffer, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u0441 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 DCP.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f watchOS, tvOS \u0438 visionOS.", "creation_timestamp": "2024-12-12T11:05:44.000000Z"}, {"uuid": "7e829ba4-4eb2-4fbc-a7fd-1a4a50e7bbac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-45498", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mmeg2jl2ef2g", "content": "", "creation_timestamp": "2026-05-21T12:25:13.460091Z"}, {"uuid": "6ce325aa-ac96-4d33-9b4a-4342c3aa50b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45490", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-259-02", "content": "", "creation_timestamp": "2025-09-16T10:00:00.000000Z"}, {"uuid": "1c881b89-854a-4e7c-a3d4-a618771551ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45491", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-259-02", "content": "", "creation_timestamp": "2025-09-16T10:00:00.000000Z"}, {"uuid": "5fbdc88d-ba88-4257-a645-7134bbd574be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45492", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-259-02", "content": "", "creation_timestamp": "2025-09-16T10:00:00.000000Z"}]}