Total vulnerabilities in the database
The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix.
| Software | From | Fixed in |
|---|---|---|
| apple / visionos | - | 2.3 |
| apple / macos | 15.0 | 15.4 |
| apple / ipados | - | 18.4 |
| apple / iphone_os | - | 18.4 |
| apple / safari | - | 18.4 |