Routing Issue in Safari Affects Apple Devices with Private Relay
CVE-2024-44246

5.3MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS; iPad OS; iOS And iPad OS; Safari
Vendor: CVE Published:; 12 December 2024

What is CVE-2024-44246?

A routing issue within Safari has been discovered, specifically impacting Apple devices with Private Relay enabled. When a user adds a website to the Safari Reading List, this flaw may inadvertently expose the user's originating IP address to the website, compromising user privacy and security. This issue has been addressed in the latest updates, ensuring that user data remains protected.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

iOS and iPadOS < 18.2

iPadOS < 17.7

macOS < 15.2

References

https://support.apple.com/en-us/121839

https://support.apple.com/en-us/121838

https://support.apple.com/en-us/121837

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2024

JSON

Apple

What is CVE-2024-44246?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.