CVE-2024-44206
CRITICALDescription
An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A user may be able to bypass some web content restrictions.
Is your site exposed to CVE-2024-44206?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| apple | safari |
| apple | ipados |
| apple | iphone_os |
| apple | macos |
| apple | tvos |
| apple | visionos |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-44206? +
How severe is CVE-2024-44206? +
What products are affected by CVE-2024-44206? +
How do I check if I'm vulnerable to CVE-2024-44206? +
Related Vulnerabilities
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may …
This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app …
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer …
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, …
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, …
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS …