Lucene search
GoogleOSV:CVE-2024-40857HistorySep 17, 2024 - 12:15 a.m.
CVE-2024-40857
2024-09-1700:15:49
Google
osv.dev
1
safari
visionos
watchos
macos sequoia
ios
ipados
universal cross site scripting
state management
web content processing
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.3
Confidence
High
This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting.
Related
nvd
nvd
CVE-2024-40857
2024-09-17 00:15:49
vulnrichment
vulnrichment
CVE-2024-40857
2024-09-16 23:22:32
cvelist
cvelist
CVE-2024-40857
2024-09-16 23:22:32
cve
cve
CVE-2024-40857
2024-09-17 00:15:49
debiancve
debiancve
CVE-2024-40857
2024-09-17 00:15:49
openvas
openvas
Apple Safari Security Update (HT121241)
2024-09-20 00:00:00
nessus
nessus
Apple TV < 18 Multiple Vulnerabilities (121248)
2024-09-24 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.3
Confidence
High
Related for OSV:CVE-2024-40857