CVE-2024-40867
published 2024-10-28CVE-2024-40867: A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able…
critical9.6CVSS 3.1
AVNACLPRNUIRSCCHIHAH
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_18.1_and_ipados | — | — |
| apple | ios_and_ipados | < 18.1 | 18.1 |
| apple | ipados | < 18.1 | 18.1 |
| apple | iphone_os | < 18.1 | 18.1 |