How severe is CVE-2024-44187?

CVE-2024-44187 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-44187

6.5MEDIUM

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 a

Опубликовано: 9/17/2024Обновлено: 11/4/2025

Описание

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

ИИ-АнализНа базе ИИ

Затронутые продукты

applesafari

appleipados

appleiphone_os

applemacos

appletvos

applevisionos

applewatchos

Ссылки

https://support.apple.com/en-us/121238
Release NotesVendor Advisory
https://support.apple.com/en-us/121240
Release NotesVendor Advisory
https://support.apple.com/en-us/121241
Release NotesVendor Advisory
https://support.apple.com/en-us/121248
Release NotesVendor Advisory
https://support.apple.com/en-us/121249
Release NotesVendor Advisory
https://support.apple.com/en-us/121250
Release NotesVendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/32
http://seclists.org/fulldisclosure/2024/Sep/33
http://seclists.org/fulldisclosure/2024/Sep/36
http://seclists.org/fulldisclosure/2024/Sep/37
https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html