{"api_version":"1","generated_at":"2026-04-23T15:30:20+00:00","cve":"CVE-2024-40798","urls":{"html":"https://cve.report/CVE-2024-40798","api":"https://cve.report/api/cve/CVE-2024-40798.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-40798","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-40798"},"summary":{"title":"CVE-2024-40798","description":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history.","state":"PUBLISHED","assigner":"apple","published_at":"2024-07-29 23:15:12","updated_at":"2026-04-02 19:17:46"},"problem_types":["NVD-CWE-noinfo","CWE-200","An app may be able to read Safari's browsing history","CWE-200 CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"3.3","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"3.3","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":3.3,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"3.3","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://support.apple.com/en-us/120912","name":"https://support.apple.com/en-us/120912","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214116","name":"https://support.apple.com/en-us/HT214116","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/120910","name":"https://support.apple.com/en-us/120910","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/kb/HT214120","name":"https://support.apple.com/kb/HT214120","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://seclists.org/fulldisclosure/2024/Jul/17","name":"http://seclists.org/fulldisclosure/2024/Jul/17","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/kb/HT214118","name":"https://support.apple.com/kb/HT214118","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214119","name":"https://support.apple.com/en-us/HT214119","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/kb/HT214116","name":"https://support.apple.com/kb/HT214116","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214120","name":"https://support.apple.com/en-us/HT214120","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://seclists.org/fulldisclosure/2024/Jul/20","name":"http://seclists.org/fulldisclosure/2024/Jul/20","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://seclists.org/fulldisclosure/2024/Jul/18","name":"http://seclists.org/fulldisclosure/2024/Jul/18","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/kb/HT214119","name":"https://support.apple.com/kb/HT214119","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214118","name":"https://support.apple.com/en-us/HT214118","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/120911","name":"https://support.apple.com/en-us/120911","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://seclists.org/fulldisclosure/2024/Jul/19","name":"http://seclists.org/fulldisclosure/2024/Jul/19","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/120908","name":"https://support.apple.com/en-us/120908","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-40798","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40798","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Apple","product":"iOS and iPadOS","version":"affected 16.7.9 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"macOS","version":"affected 12.7.6 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"macOS","version":"affected 13.6.8 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"macOS","version":"affected 14.6 custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"40798","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"40798","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"40798","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":3.3,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2024-40798","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2024-07-30T19:00:00.862509Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-200","description":"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-03-13T20:11:46.057Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2025-11-04T17:24:26.595Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214116"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214120"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214119"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214118"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jul/20"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jul/17"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jul/19"},{"url":"https://support.apple.com/kb/HT214120"},{"url":"https://support.apple.com/kb/HT214119"},{"url":"https://support.apple.com/kb/HT214118"},{"url":"https://support.apple.com/kb/HT214116"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"iOS and iPadOS","vendor":"Apple","versions":[{"lessThan":"16.7.9","status":"affected","version":"0","versionType":"custom"}]},{"product":"macOS","vendor":"Apple","versions":[{"lessThan":"12.7.6","status":"affected","version":"0","versionType":"custom"},{"lessThan":"13.6.8","status":"affected","version":"0","versionType":"custom"},{"lessThan":"14.6","status":"affected","version":"0","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history."}],"problemTypes":[{"descriptions":[{"description":"An app may be able to read Safari's browsing history","lang":"en"}]}],"providerMetadata":{"dateUpdated":"2026-04-02T18:27:20.017Z","orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple"},"references":[{"url":"https://support.apple.com/en-us/120908"},{"url":"https://support.apple.com/en-us/120910"},{"url":"https://support.apple.com/en-us/120911"},{"url":"https://support.apple.com/en-us/120912"}]}},"cveMetadata":{"assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","cveId":"CVE-2024-40798","datePublished":"2024-07-29T22:17:25.199Z","dateReserved":"2024-07-10T17:11:04.691Z","dateUpdated":"2026-04-02T18:27:20.017Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-07-29 23:15:12","lastModifiedDate":"2026-04-02 19:17:46","problem_types":["NVD-CWE-noinfo","CWE-200","An app may be able to read Safari's browsing history","CWE-200 CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"16.7.9","matchCriteriaId":"29A9994D-AE71-45E0-8CC5-E6219420F7E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"16.7.9","matchCriteriaId":"1ACEA981-1D96-49F1-8048-74D21D71FD39"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionEndExcluding":"12.7.6","matchCriteriaId":"3556C7C3-14B6-4846-B3E8-FE07A503155F"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.6.8","matchCriteriaId":"7008225C-B5B9-4F87-9392-DD2080717E9A"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.6","matchCriteriaId":"51E2E93B-C5A3-4C83-B806-2EC555AD45FE"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"40798","Ordinal":"1","Title":"CVE-2024-40798","CVE":"CVE-2024-40798","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"40798","Ordinal":"1","NoteData":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history.","Type":"Description","Title":"CVE-2024-40798"}]}}}