Home

Description

This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content.

PUBLISHED Reserved 2024-08-20 | Published 2024-10-28 | Updated 2025-11-03 | Assigner apple

Problem types

An attacker may be able to misuse a trust relationship to download malicious content

Product status

Any version before 2.1
affected

Any version before 17.7
affected

Any version before 18.1
affected

Any version before 15.1
affected

Any version before 18.1
affected

References

seclists.org/fulldisclosure/2024/Oct/19

seclists.org/fulldisclosure/2024/Oct/11

seclists.org/fulldisclosure/2024/Oct/10

seclists.org/fulldisclosure/2024/Oct/9

support.apple.com/en-us/121566

support.apple.com/en-us/121567

support.apple.com/en-us/121563

support.apple.com/en-us/121564

support.apple.com/en-us/121571

cve.org (CVE-2024-44259)

nvd.nist.gov (CVE-2024-44259)