The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user.
References
| Link | Resource |
|---|---|
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214087 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214087 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Dec 2024, 16:36
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Apple ipad Os
Apple visionos Apple Apple iphone Os |
|
| CPE | cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214081 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214087 - Vendor Advisory |
Information
Published : 2024-03-08 02:15
Updated : 2024-12-05 16:36
NVD link : CVE-2024-23220
Mitre link : CVE-2024-23220
CVE.ORG link : CVE-2024-23220
JSON object : View
Products Affected
apple
- iphone_os
- visionos
- ipad_os
CWE