CVE-2024-44206
published 2024-10-24CVE-2024-44206: An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6…
critical9.3CVSS 3.1
AVNACLPRNUINSCCHILAN
An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A user may be able to bypass some web content restrictions.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_17.6_and_ipados | — | — |
| apple | ios_and_ipados | < 17.6 | 17.6 |
| apple | ipados | < 17.6 | 17.6 |
| apple | iphone_os | < 17.6 | 17.6 |
| apple | macos | < 14.6 | 14.6 |
| apple | macos_sonoma | — | — |
| apple | safari | < 17.6 | 17.6 |
| apple | safari | — | — |
| apple | tvos | < 17.6 | 17.6 |
| apple | tvos | — | — |
| apple | visionos | < 1.3 | 1.3 |
| apple | visionos | — | — |
| apple | watchos | < 10.6 | 10.6 |
| apple | watchos | — | — |