CVE-2024-44206

Severity

54%

Complexity

27%

Confidentiality

41%

An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. A user may be able to bypass some web content restrictions.

CVSS 3.1 Base Score 5.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).

CVSS 3.1 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N).

Overview

First reported 3 months ago

2024-10-24 17:15:00

Last updated 3 months ago

2024-11-21 21:15:00

Affected Software

Apple Safari

References

https://support.apple.com/en-us/120916

https://support.apple.com/en-us/120911

https://support.apple.com/en-us/120913

https://support.apple.com/en-us/120909

https://support.apple.com/en-us/120914

https://support.apple.com/en-us/120915

https://support.apple.com/en-us/120916

Release Notes, Vendor Advisory

https://support.apple.com/en-us/120911

Release Notes, Vendor Advisory

https://support.apple.com/en-us/120913

Release Notes, Vendor Advisory

https://support.apple.com/en-us/120909

Release Notes, Vendor Advisory

https://support.apple.com/en-us/120914

Release Notes, Vendor Advisory

https://support.apple.com/en-us/120915

Release Notes, Vendor Advisory

http://seclists.org/fulldisclosure/2024/Nov/6

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.