Vulnerability Description
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | 11.0 |
| Apple | Safari | < 18.1.1 |
| Apple | Ipados | < 17.7.2 |
| Apple | Iphone Os | < 17.7.2 |
| Apple | Macos | >= 15.0, < 15.1.1 |
| Apple | Visionos | < 2.1.1 |
References
- https://support.apple.com/en-us/121752Vendor Advisory
- https://support.apple.com/en-us/121753Vendor Advisory
- https://support.apple.com/en-us/121754Vendor Advisory
- https://support.apple.com/en-us/121755Vendor Advisory
- https://support.apple.com/en-us/121756Vendor Advisory
- http://seclists.org/fulldisclosure/2024/Nov/16Mailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2024/12/msg00003.htmlMailing List
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-US Government Resource
FAQ
What is CVE-2024-44308?
CVE-2024-44308 is a vulnerability with a CVSS score of 8.8 (HIGH). The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing malicio...
How severe is CVE-2024-44308?
CVE-2024-44308 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-44308?
Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Apple Safari, Apple Ipados, Apple Iphone Os, Apple Macos.