CVE-2024-44213

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker in a privileged network position may be able to leak sensitive user information.
References
Link Resource
https://support.apple.com/en-us/121568 Release Notes Vendor Advisory
https://support.apple.com/en-us/121570 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

History

30 Oct 2024, 19:35

Type Values Removed Values Added
CWE CWE-922

30 Oct 2024, 17:19

Type Values Removed Values Added
First Time Apple macos
Apple
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.9
References () https://support.apple.com/en-us/121568 - () https://support.apple.com/en-us/121568 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121570 - () https://support.apple.com/en-us/121570 - Release Notes, Vendor Advisory

29 Oct 2024, 14:34

Type Values Removed Values Added
Summary
  • (es) Existía un problema en el análisis de las URL. Este problema se solucionó mejorando la validación de entrada. Este problema se solucionó en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Un atacante en una posición privilegiada en la red podría filtrar información confidencial del usuario.

28 Oct 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-28 21:15

Updated : 2024-10-30 19:35


NVD link : CVE-2024-44213

Mitre link : CVE-2024-44213

CVE.ORG link : CVE-2024-44213


JSON object : View

Products Affected

apple

  • macos
CWE
NVD-CWE-noinfo CWE-922

Insecure Storage of Sensitive Information