Apple: >> Watchos >> 10.1.1 Security Vulnerabilities
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-10-28
The issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-10-24
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin.
CVSS Score
6.5
EPSS Score
0.005
Published
2024-09-17
This issue was addressed through improved state management. This issue is fixed in Xcode 16, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. An app may gain unauthorized access to Bluetooth.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-17
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to an unexpected process crash.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-17
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, tvOS 18, visionOS 2, watchOS 11. An app may be able to cause unexpected system termination.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-09-17
A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. An app may be able to access user-sensitive data.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-09-17
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-09-17
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, tvOS 18, visionOS 2, watchOS 11. Processing an image may lead to a denial-of-service.
CVSS Score
5.5
EPSS Score
0.003
Published
2024-09-17