CVE-2024-44206

CVSS 5.4 MEDIUMEPSS 0.5%

An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A user may be able to bypass some web content restrictions.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected products

Apple · iOS and iPadOS Apple · macOS Apple · Safari Apple · tvOS Apple · visionOS Apple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2024/Nov/6 https://support.apple.com/en-us/120909 https://support.apple.com/en-us/120911 https://support.apple.com/en-us/120913 https://support.apple.com/en-us/120914 https://support.apple.com/en-us/120915 https://support.apple.com/en-us/120916