The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
History

Sat, 16 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
Redhat rhel Eus
CPEs cpe:/a:redhat:enterprise_linux:8
cpe:/a:redhat:enterprise_linux:9
cpe:/a:redhat:rhel_eus:9.4
Vendors & Products Redhat
Redhat enterprise Linux
Redhat rhel Eus

Thu, 14 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple visionos
Apple watchos
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple visionos
Apple watchos

Sat, 02 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
Title webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
Weaknesses CWE-358
References
Metrics threat_severity

None

threat_severity

Moderate


Wed, 30 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 29 Oct 2024 23:00:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
References

Mon, 28 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-10-28T21:07:47.126Z

Updated: 2024-10-30T14:28:44.955Z

Reserved: 2024-08-20T21:45:40.798Z

Link: CVE-2024-44296

cve-icon Vulnrichment

Updated: 2024-10-30T14:28:36.328Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-28T21:15:08.830

Modified: 2024-11-14T14:58:09.900

Link: CVE-2024-44296

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-10-31T00:00:00Z

Links: CVE-2024-44296 - Bugzilla