A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.apple.com/en-us/121563 |
History
Tue, 29 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple ios
|
|
CPEs | cpe:2.3:o:apple:ios:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apple ios
|
|
Metrics |
cvssV3_1
|
ssvc
|
Tue, 29 Oct 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple ipados Apple iphone Os |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple ipados Apple iphone Os |
|
Metrics |
cvssV3_1
|
Mon, 28 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-10-28T21:07:40.434Z
Updated: 2024-11-01T03:55:33.722Z
Reserved: 2024-07-10T17:11:04.716Z
Link: CVE-2024-40867
Vulnrichment
Updated: 2024-10-29T19:49:09.503Z
NVD
Status : Modified
Published: 2024-10-28T21:15:04.937
Modified: 2024-10-29T20:35:26.040
Link: CVE-2024-40867
Redhat
No data.