- Description
- A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- safari, ipados, iphone_os, macos, tvos, visionos, watchos
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
New post from https://t.co/uXvPWJy6tj (CVE-2024-44187 | Apple tvOS iFrame cross-domain policy (Nessus ID 208985)) has been published on https://t.co/gxNGryxUew
@WolfgangSesin
10 Mar 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-44187 | Apple macOS iFrame cross-domain policy (Nessus ID 208985)) has been published on https://t.co/cZAz6RrukP
@WolfgangSesin
10 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-44187 | Apple visionOS iFrame cross-domain policy (Nessus ID 208985)) has been published on https://t.co/GkYYJpjPu8
@WolfgangSesin
10 Mar 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCB4657-8F40-418E-8E98-743C271E4CDE",
"versionEndExcluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD3B3B0-329C-413B-BDF7-6B1C6298846E",
"versionEndExcluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2222A2EE-00FA-4019-8779-13B82A4F9DD0",
"versionEndExcluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45",
"versionEndExcluding": "15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F34BD4C1-5C6A-4C6D-BD96-8CC3F3CBFF74",
"versionEndExcluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AE7B0F-C356-4601-9636-617CDD09F009",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05C212C2-3E65-47DB-A0AE-417A8178ADC6",
"versionEndExcluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]