CVE-2024-44131

This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

History

24 Sep 2024, 19:01

Type Values Removed Values Added
References () https://support.apple.com/en-us/121238 - () https://support.apple.com/en-us/121238 - Release Notes
References () https://support.apple.com/en-us/121250 - () https://support.apple.com/en-us/121250 - Release Notes
First Time Apple iphone Os
Apple ipados
Apple macos
Apple
CPE cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-59

20 Sep 2024, 12:31

Type Values Removed Values Added
Summary
  • (es) Este problema se solucionó con una validación mejorada de los enlaces simbólicos. Este problema se solucionó en iOS 18 y iPadOS 18, macOS Sequoia 15. Una aplicación puede tener acceso a datos confidenciales del usuario.

17 Sep 2024, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-17 00:15

Updated : 2024-09-24 19:01


NVD link : CVE-2024-44131

Mitre link : CVE-2024-44131

CVE.ORG link : CVE-2024-44131


JSON object : View

Products Affected

apple

  • macos
  • ipados
  • iphone_os
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')