Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-44309

Nov. 20, 2024, 12:15 a.m.

Tags

product-security@apple.com
2024-11-20
CVE-2024-44309

Product(s) Impacted

Safari

  • 18.1.1

iOS

  • 17.7.2
  • 18.1.1

iPadOS

  • 17.7.2
  • 18.1.1

macOS Sequoia

  • 15.1.1

visionOS

  • 2.1.1

Description

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

Weaknesses

Date

Published: Nov. 20, 2024, 12:15 a.m.

Last Modified: Nov. 20, 2024, 12:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@apple.com

References

https://support.apple.com/ product-security@apple.com
https://support.apple.com/ product-security@apple.com
https://support.apple.com/ product-security@apple.com
https://support.apple.com/ product-security@apple.com
https://support.apple.com/ product-security@apple.com