The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Dec 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple ipados Apple iphone Os Apple macos Apple safari |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple ipados Apple iphone Os Apple macos Apple safari |
Thu, 12 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-125 | |
Metrics |
cvssV3_1
|
Wed, 11 Dec 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-12-11T22:58:24.725Z
Updated: 2024-12-12T15:45:11.559Z
Reserved: 2024-08-20T21:45:40.785Z
Link: CVE-2024-44246
Vulnrichment
Updated: 2024-12-12T15:44:33.735Z
NVD
Status : Analyzed
Published: 2024-12-12T02:15:24.200
Modified: 2024-12-18T18:08:57.380
Link: CVE-2024-44246
Redhat
No data.