CVE-2024-27844
CVE-2024-27844
5.5
MediumPublished:
Last updated:
Source:product-security@apple.com
Modified
CVSS Vector
v3.1- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- Scope
- Unchanged
- Confidentiality
- None
- Integrity
- High
- Availability
- None
Description
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, macOS Sonoma 14.5, visionOS 1.2. A website's permission dialog may persist after navigation away from the site.
References
product-security@apple.com
https://support.apple.com/en-us/120896product-security@apple.com
https://support.apple.com/en-us/120903product-security@apple.com
https://support.apple.com/en-us/120906af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2024/Jun/5af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214103af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214106af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214108af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214103af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214106af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214108