CVE-2024-44255
published 2024-10-28CVE-2024-44255: A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicious app may be able to run arbitrary shortcuts without user consent.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_18.1_and_ipados | — | — |
| apple | ios_and_ipados | < 18.1 | 18.1 |
| apple | ipados | < 18.1 | 18.1 |
| apple | iphone_os | < 18.1 | 18.1 |
| apple | macos | < 14.7.1 | 14.7.1 |
| apple | macos | < 15.1 | 15.1 |
| apple | macos | < 13.7.1 | 13.7.1 |
| apple | macos | >= 14.0 < 14.7.1 | 14.7.1 |
| apple | macos_sequoia | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
| apple | tvos | < 18.1 | 18.1 |
| apple | tvos18.1 | — | — |
| apple | visionos | < 2.1 | 2.1 |
| apple | visionos2.1 | — | — |
| apple | watchos | < 11.1 | 11.1 |
| apple | watchos11.1 | — | — |