How severe is CVE-2024-44187?

CVE-2024-44187 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-44187

6.5MEDIUM

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 a

Publicado: 9/17/2024Actualizado: 11/4/2025

Descripción

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

Análisis IAImpulsado por IA

Productos Afectados

applesafari

appleipados

appleiphone_os

applemacos

appletvos

applevisionos

applewatchos

Referencias

https://support.apple.com/en-us/121238
Release NotesVendor Advisory
https://support.apple.com/en-us/121240
Release NotesVendor Advisory
https://support.apple.com/en-us/121241
Release NotesVendor Advisory
https://support.apple.com/en-us/121248
Release NotesVendor Advisory
https://support.apple.com/en-us/121249
Release NotesVendor Advisory
https://support.apple.com/en-us/121250
Release NotesVendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/32
http://seclists.org/fulldisclosure/2024/Sep/33
http://seclists.org/fulldisclosure/2024/Sep/36
http://seclists.org/fulldisclosure/2024/Sep/37
https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html