CVE-2024-23280
Description
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.
CWE
- (none)
Affected
- Apple / Safari — v=0 <17.4 [affected]
- Apple / iOS and iPadOS — v=0 <17.4 [affected]
- Apple / macOS — v=0 <14.4 [affected]
- Apple / tvOS — v=0 <17.4 [affected]
- Apple / watchOS — v=0 <10.4 [affected]
CVSS
- (none)
References
- https://support.apple.com/en-us/120881
- https://support.apple.com/en-us/120882
- https://support.apple.com/en-us/120893
- https://support.apple.com/en-us/120894
- https://support.apple.com/en-us/120895
Source
cvelistV5-main/cves/2024/23xxx/CVE-2024-23280.json