Medium severity6.5NVD Advisory· Published Mar 8, 2024· Updated Apr 2, 2026
CVE-2024-23254
CVE-2024-23254
Description
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
49cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <17.4
- (no CPE)range: <17.4
- cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
- osv-coords38 versionspkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
< 2.44.0-150400.4.78.1+ 37 more
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
Patches
Vulnerability mechanics
References
23- support.apple.com/en-us/HT214081nvdVendor Advisory
- support.apple.com/en-us/HT214084nvdVendor Advisory
- support.apple.com/en-us/HT214086nvdVendor Advisory
- support.apple.com/en-us/HT214087nvdVendor Advisory
- support.apple.com/en-us/HT214088nvdVendor Advisory
- support.apple.com/en-us/HT214089nvdVendor Advisory
- seclists.org/fulldisclosure/2024/Mar/20nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/21nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/24nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/25nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/26nvdMailing List
- www.openwall.com/lists/oss-security/2024/03/26/1nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/nvdMailing List
- support.apple.com/en-us/120881nvd
- support.apple.com/en-us/120882nvd
- support.apple.com/en-us/120883nvd
- support.apple.com/en-us/120893nvd
- support.apple.com/en-us/120894nvd
- support.apple.com/en-us/120895nvd
- support.apple.com/kb/HT214081nvd
- support.apple.com/kb/HT214084nvd
- support.apple.com/kb/HT214087nvd
- support.apple.com/kb/HT214089nvd
News mentions
0No linked articles in our index yet.