Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Safari
(Apple)| Repositories | https://github.com/WebKit/webkit |
| #Vulnerabilities | 1491 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-07 | CVE-2024-4558 | Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Ipados, Iphone_os, Macos, Safari, Fedora, Chrome | 9.6 | ||
| 2024-12-12 | CVE-2024-44212 | A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin. | Ipados, Iphone_os, Safari, Tvos, Visionos, Watchos | 5.3 | ||
| 2024-12-12 | CVE-2024-54479 | The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 7.5 | ||
| 2024-12-12 | CVE-2024-44246 | The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website. | Ipados, Iphone_os, Macos, Safari | 5.3 | ||
| 2024-12-12 | CVE-2024-54502 | The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 6.5 | ||
| 2024-12-12 | CVE-2024-54508 | The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 7.5 | ||
| 2024-12-12 | CVE-2024-54505 | A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 8.8 | ||
| 2024-12-12 | CVE-2024-54534 | The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 9.8 | ||
| 2024-04-24 | CVE-2024-23271 | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 6.5 | ||
| 2024-05-14 | CVE-2024-27834 | The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos, Fedora, Webkitgtk, Wpe_webkit | 5.5 |