- Description
- The issue was addressed with improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- safari, ipados, iphone_os, macos, tvos, visionos, watchos
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
Two vulnerabilities now patched of Safari and WebKit iOS 18.1 📌 CVE-2024-44259: Trust relationship misuse to download malicious content. 📌 CVE-2024-44296: Bypass of Content Security Policy (CSP) enforcement via malicious web content. Thanks to @Apple Security for their
@minacrissDev_
14 May 2025
548 Impressions
0 Retweets
1 Like
0 Bookmarks
2 Replies
0 Quotes
Two vulnerabilities now patched of Safari and WebKit iOS 18.1 📌 CVE-2024-44259: Trust relationship misuse to download malicious content. 📌 CVE-2024-44296: Bypass of Content Security Policy (CSP) enforcement via malicious web content. Thanks to @Apple Security for their swift
@imnarendrabhati
29 Oct 2024
354 Impressions
0 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65D91653-5027-489A-B579-AA18414C3747",
"versionEndExcluding": "18.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483",
"versionEndExcluding": "17.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012",
"versionEndExcluding": "18.1",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3",
"versionEndExcluding": "17.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5",
"versionEndExcluding": "18.1",
"versionStartIncluding": "18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D298E1D-DD23-4D35-9DE4-E3F5999F97AA",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB",
"versionEndExcluding": "18.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80",
"versionEndExcluding": "2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1",
"versionEndExcluding": "11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]