- Description
- This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. An attacker may be able to misuse a trust relationship to download malicious content.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- safari, ipados, iphone_os, macos, visionos
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- Hype score
- Not currently trending
Two vulnerabilities now patched of Safari and WebKit iOS 18.1 📌 CVE-2024-44259: Trust relationship misuse to download malicious content. 📌 CVE-2024-44296: Bypass of Content Security Policy (CSP) enforcement via malicious web content. Thanks to @Apple Security for their
@minacrissDev_
14 May 2025
548 Impressions
0 Retweets
1 Like
0 Bookmarks
2 Replies
0 Quotes
Two vulnerabilities now patched of Safari and WebKit iOS 18.1 📌 CVE-2024-44259: Trust relationship misuse to download malicious content. 📌 CVE-2024-44296: Bypass of Content Security Policy (CSP) enforcement via malicious web content. Thanks to @Apple Security for their swift
@imnarendrabhati
29 Oct 2024
354 Impressions
0 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-44259 This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker m… https://t.co/18UsjBjoz2
@CVEnew
28 Oct 2024
748 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65D91653-5027-489A-B579-AA18414C3747",
"versionEndExcluding": "18.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483",
"versionEndExcluding": "17.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012",
"versionEndExcluding": "18.1",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3",
"versionEndExcluding": "17.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5",
"versionEndExcluding": "18.1",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0410F19B-88D5-4943-B216-D0FACF30DAB6",
"versionEndExcluding": "15.1",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]