A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/121238 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/121240 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/121241 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/121250 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/121567 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Oct 2024, 17:34
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Apple iphone Os
Apple safari Apple Apple ipados Apple macos Apple watchos |
|
| References | () https://support.apple.com/en-us/121241 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/121567 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/121238 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/121250 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/121240 - Release Notes, Vendor Advisory |
28 Oct 2024, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-10-28 21:15
Updated : 2025-03-18 19:15
NVD link : CVE-2024-44155
Mitre link : CVE-2024-44155
JSON object : View
Products Affected
apple
- watchos
- ipados
- safari
- macos
- iphone_os
CWE