### [CVE-2024-54558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54558)
![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20app%20may%20be%20able%20to%20trick%20a%20user%20into%20granting%20access%20to%20photos%20from%20the%20user's%20photo%20library&color=brightgreen)

### Description

A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds