CVE-2024-44229 - Vulnerability Details

An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Apple	Ios Ipados Iphone Os Macos Safari Visionos

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:visionos::::::::

No data.

References

Link	Providers
https://support.apple.com/en-us/121563
https://support.apple.com/en-us/121564
https://support.apple.com/en-us/121566
https://support.apple.com/en-us/121571

History

Wed, 30 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple ios Apple macos Apple safari
CPEs		cpe:2.3:a:apple:safari:::::::: cpe:2.3:o:apple:ios:::::::: cpe:2.3:o:apple:macos::::::::
Vendors & Products		Apple ios Apple macos Apple safari
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 29 Oct 2024 23:00:00 +0000

Type	Values Removed	Values Added
Description	An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1. Private browsing may leak some browsing history.	An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history.
References		https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121571

Tue, 29 Oct 2024 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple ipados Apple iphone Os Apple visionos
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:visionos::::::::
Vendors & Products		Apple Apple ipados Apple iphone Os Apple visionos
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}`

Mon, 28 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Description		An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1. Private browsing may leak some browsing history.
References		https://support.apple.com/en-us/121563 https://support.apple.com/en-us/121566

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-10-28T21:08:07.183Z

Updated: 2024-10-30T19:46:27.370Z

Reserved: 2024-08-20T21:45:40.784Z

Link: CVE-2024-44229

Vulnrichment

Updated: 2024-10-30T19:46:16.067Z

NVD

Status : Modified

Published: 2024-10-28T21:15:06.417

Modified: 2024-10-29T23:15:03.437

Link: CVE-2024-44229

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object