← Back

CVE-2024-44212

nvd nist
Published: Dec 12, 2024Modified: Apr 2, 2026

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.

Affected (6)

Apple
6 products
Ipados
Iphone Os
Safari
Tvos
Visionos
Watchos
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Ipados
Before 18.1
Iphone Os
Before 18.1
Safari
Before 18.1
Tvos
Before 18.1
Visionos
Before 2.1
Watchos
Before 11.1

Related CWEs

CWE-346
Origin Validation Error
The product does not properly verify that the source of data or communication is valid.

References (6)

Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory

Timeline

No history available yet.