REDHAT-BUG-2344622: Command Injection
First published: Mon Feb 10 2025(Updated: )
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| macOS | <15.3 | |
| Apple Mobile Safari | <18.3 | |
| Apple iOS, iPadOS, and watchOS | <18.3 | |
| Apple iOS, iPadOS, and watchOS | <18.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-2344622?
The severity of REDHAT-BUG-2344622 is classified as a privacy issue due to potential command injection risks when copying URLs from Web Inspector.
How do I fix REDHAT-BUG-2344622?
To fix REDHAT-BUG-2344622, ensure you are using macOS Sequoia 15.3, Safari 18.3, iOS 18.3, or iPadOS 18.3 or later.
What systems are affected by REDHAT-BUG-2344622?
The systems affected by REDHAT-BUG-2344622 include macOS Sequoia, Safari, iOS, and iPadOS prior to the respective versions mentioned.
Is there a workaround for REDHAT-BUG-2344622 before updating?
Currently, there are no specified workarounds for REDHAT-BUG-2344622 before updating to the patched versions.
What are the implications of REDHAT-BUG-2344622 for users?
The implications of REDHAT-BUG-2344622 for users include the risk of command injection, which could compromise the security of their devices.
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2025-24150
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/source
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/apple
- canonical/macos
- canonical/apple mobile safari
- canonical/apple ios, ipados, and watchos