A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.
Metrics
Affected Vendors & Products
References
History
Thu, 17 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:9 | |
Vendors & Products |
Redhat
Redhat enterprise Linux |
Thu, 26 Sep 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Wed, 25 Sep 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | webkitgtk: A malicious website may exfiltrate data cross-origin | |
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Wed, 25 Sep 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple ipados Apple iphone Os Apple macos Apple safari Apple tvos Apple visionos Apple watchos |
|
Weaknesses | CWE-346 | |
CPEs | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple ipados Apple iphone Os Apple macos Apple safari Apple tvos Apple visionos Apple watchos |
|
Metrics |
cvssV3_1
|
Tue, 17 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Sep 2024 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-09-16T23:23:16.230Z
Updated: 2024-09-17T13:46:52.600Z
Reserved: 2024-08-20T21:42:05.933Z
Link: CVE-2024-44187
Vulnrichment
Updated: 2024-09-17T13:46:45.960Z
NVD
Status : Analyzed
Published: 2024-09-17T00:15:52.037
Modified: 2024-09-25T13:25:52.043
Link: CVE-2024-44187
Redhat