A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Apple |
|
No data.
No data.
References
History
Thu, 21 Nov 2024 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
kev
|
Thu, 21 Nov 2024 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple ipad Os Apple iphone Os Apple macos Apple safari Apple visionos |
|
| Weaknesses | CWE-79 | |
| CPEs | cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:* cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Apple
Apple ipad Os Apple iphone Os Apple macos Apple safari Apple visionos |
|
| Metrics |
cvssV3_1
|
Tue, 19 Nov 2024 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-11-19T23:43:55.493Z
Updated: 2024-11-21T17:20:23.295Z
Reserved: 2024-08-20T21:45:40.801Z
Link: CVE-2024-44309
Vulnrichment
Updated: 2024-11-20T18:05:00.587Z
NVD
Status : Received
Published: 2024-11-20T00:15:17.137
Modified: 2024-11-20T00:15:17.137
Link: CVE-2024-44309
Redhat
No data.