How severe is CVE-2024-44187?

CVE-2024-44187 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-44187

6.5MEDIUM

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 a

发布于: 9/17/2024更新于: 11/4/2025

描述

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

AI分析AI驱动

受影响产品

applesafari

appleipados

appleiphone_os

applemacos

appletvos

applevisionos

applewatchos

参考资料

https://support.apple.com/en-us/121238
Release NotesVendor Advisory
https://support.apple.com/en-us/121240
Release NotesVendor Advisory
https://support.apple.com/en-us/121241
Release NotesVendor Advisory
https://support.apple.com/en-us/121248
Release NotesVendor Advisory
https://support.apple.com/en-us/121249
Release NotesVendor Advisory
https://support.apple.com/en-us/121250
Release NotesVendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/32
http://seclists.org/fulldisclosure/2024/Sep/33
http://seclists.org/fulldisclosure/2024/Sep/36
http://seclists.org/fulldisclosure/2024/Sep/37
https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html