CVE-2024-44206

MEDIUM 5.4

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

0th

An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A user may be able to bypass some web content restrictions.

Vendor	apple
Product	safari
Ecosystems	iOS macOS
Industries	Technology
Published	Oct 24, 2024
Last Updated	Apr 2, 2026

Stay Ahead of the Next One

Get instant alerts for apple safari

Be the first to know when new medium vulnerabilities affecting apple safari are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Apple / Safari

0 < 17.6

Apple / iOS and iPadOS

0 < 17.6

Apple / macOS

0 < 14.6

Apple / tvOS

0 < 17.6

Apple / visionOS

0 < 1.3

Apple / watchOS

0 < 10.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.apple.com: https://support.apple.com/en-us/120909 support.apple.com: https://support.apple.com/en-us/120911 support.apple.com: https://support.apple.com/en-us/120913 support.apple.com: https://support.apple.com/en-us/120914 support.apple.com: https://support.apple.com/en-us/120915 support.apple.com: https://support.apple.com/en-us/120916 seclists.org: http://seclists.org/fulldisclosure/2024/Nov/6