CVE-2024-27850
MEDIUM | Platform: Safari | Changelog
CVE Details
Description
This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. A maliciously crafted webpage may be able to fingerprint the user.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 6.5 (MEDIUM) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Weakness
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/en-us/120903
- https://support.apple.com/en-us/120905
- https://support.apple.com/en-us/120906
- http://seclists.org/fulldisclosure/2024/Jun/5 (Mailing List, Third Party Advisory)
- https://support.apple.com/en-us/HT214101 (Vendor Advisory)
- https://support.apple.com/en-us/HT214103 (Vendor Advisory)
- https://support.apple.com/en-us/HT214106 (Vendor Advisory)