CVE-2024-27830

2024-06-1020:56:47

apple

github.com

state management

user fingerprinting

apple operating systems

cve-2024-27830

5.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.4%

JSON

This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "14.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "visionOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "1.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "10.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "Safari",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "tvOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ]
  }
]