CVE-2024-40866
published 2024-09-17CVE-2024-40866: The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 15 | 15 |
| apple | macos | < 15.0 | 15.0 |
| apple | macos_sequoia | — | — |
| apple | safari | < 18 | 18 |
| apple | safari | < 18.0 | 18.0 |
| apple | safari | — | — |
| debian | webkit2gtk | < webkit2gtk 2.46.0-2~deb12u1 (bookworm) | webkit2gtk 2.46.0-2~deb12u1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.46.0-2~deb12u1 (bookworm) | webkit2gtk 2.46.0-2~deb12u1 (bookworm) |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
osv6.5MEDIUM