CVE-2024-54535: Path Traversal
First published: Wed Jan 15 2025(Updated: )
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <18.1 | |
| Apple iPhone OS | <18.1 | |
| Apple visionOS | <2.1 | |
| Apple watchOS | <11.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/source
- vendor/apple
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple visionos
- canonical/apple watchos