CVE-2024-23220

EUVD-2024-20739
The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.4 and iPadOS 17.4, visionOS 1.1. An app may be able to fingerprint the user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Affected Products (NVD)
VendorProductVersion
appleipad_os
𝑥
< 17.4
appleiphone_os
𝑥
< 17.4
applevisionos
𝑥
< 1.1
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/120883
https://support.apple.com/en-us/120893
http://seclists.org/fulldisclosure/2024/Mar/26
https://support.apple.com/en-us/HT214081
https://support.apple.com/en-us/HT214087
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214087