The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user.
References
| Link | Resource |
|---|---|
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214087 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214087 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Dec 2024, 16:36
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| First Time |
Apple iphone Os
Apple Apple visionos Apple ipad Os |
|
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
|
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214081 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214087 - Vendor Advisory |
21 Nov 2024, 08:57
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - | |
| References | () https://support.apple.com/en-us/HT214081 - | |
| References | () https://support.apple.com/en-us/HT214087 - |
18 Nov 2024, 21:35
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.0 |
13 Mar 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 Mar 2024, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-08 02:15
Updated : 2024-12-05 16:36
NVD link : CVE-2024-23220
Mitre link : CVE-2024-23220
CVE.ORG link : CVE-2024-23220
JSON object : View
Products Affected
apple
- ipad_os
- iphone_os
- visionos
CWE