A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Oct 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple macos
Apple watchos |
|
CPEs | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple macos
Apple watchos |
Wed, 30 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple ipados Apple iphone Os Apple mac Os Apple tvos Apple visionos Apple watch Os |
|
Weaknesses | CWE-22 | |
CPEs | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watch_os:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple ipados Apple iphone Os Apple mac Os Apple tvos Apple visionos Apple watch Os |
|
Metrics |
cvssV3_1
|
Mon, 28 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-10-28T21:07:44.639Z
Updated: 2024-11-01T03:55:39.520Z
Reserved: 2024-08-20T21:45:40.786Z
Link: CVE-2024-44255
Vulnrichment
Updated: 2024-10-30T16:01:20.622Z
NVD
Status : Analyzed
Published: 2024-10-28T21:15:07.003
Modified: 2024-10-30T18:26:03.767
Link: CVE-2024-44255
Redhat
No data.