CVE Vulnerabilities

CVE-2024-40794

Published: Jul 29, 2024 | Modified: Apr 02, 2026
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
5.3 IMPORTANT
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

This issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Private Browsing tabs may be accessed without authentication.

Affected Software

NameVendorStart VersionEnd Version
SafariApple*17.6 (excluding)
IpadosApple*17.6 (excluding)
Iphone_osApple*17.6 (excluding)
MacosApple*14.6 (excluding)
Qtwebkit-opensource-srcUbuntudevel*
Qtwebkit-opensource-srcUbuntuesm-apps/bionic*
Qtwebkit-opensource-srcUbuntuesm-apps/focal*
Qtwebkit-opensource-srcUbuntuesm-apps/jammy*
Qtwebkit-opensource-srcUbuntuesm-apps/noble*
Qtwebkit-opensource-srcUbuntuesm-infra-legacy/xenial*
Qtwebkit-opensource-srcUbuntuesm-infra/xenial*
Qtwebkit-opensource-srcUbuntufocal*
Qtwebkit-opensource-srcUbuntujammy*
Qtwebkit-opensource-srcUbuntunoble*
Qtwebkit-opensource-srcUbuntuoracular*
Qtwebkit-sourceUbuntuesm-apps-legacy/xenial*
Qtwebkit-sourceUbuntuesm-apps/bionic*
Qtwebkit-sourceUbuntuesm-apps/xenial*
Webkit2gtkUbuntuesm-infra-legacy/xenial*
Webkit2gtkUbuntuesm-infra/bionic*
Webkit2gtkUbuntuesm-infra/focal*
Webkit2gtkUbuntuesm-infra/xenial*
Webkit2gtkUbuntufocal*
WebkitgtkUbuntuesm-apps-legacy/xenial*
WebkitgtkUbuntuesm-apps/bionic*
WebkitgtkUbuntuesm-apps/xenial*
WpewebkitUbuntuesm-apps/focal*
WpewebkitUbuntuesm-apps/jammy*
WpewebkitUbuntufocal*
WpewebkitUbuntujammy*

References