CVE-2024-10474

Public on 2024-10-29
Modified on 2024-10-30
Description
Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132.
Severity
Critical severity
Critical
CVSS v3 Base Score
9.1
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Firefox Extra firefox Not Affected

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
NVD CVSSv3 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N