CVE-2024-44308

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-44308

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-44308.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-44308

Downstream

DEBIAN-CVE-2024-44308

DLA-3982-1

DSA-5823-1

RHSA-2025:10364

SUSE-SU-2024:4117-1

SUSE-SU-2024:4167-1

SUSE-SU-2024:4292-1

SUSE-SU-2024:4293-1

SUSE-SU-2025:0043-1

SUSE-SU-2025:0096-1

SUSE-SU-2025:0104-1

UBUNTU-CVE-2024-44308

USN-7142-1

Related

Published

2024-11-20T00:15:17Z

Modified

2025-08-09T19:01:27Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

References

Affected packages