← Zuruck zu CVEs
CVE-2023-42916
MEDIUMCISA KEV6.5
Beschreibung
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
CVE Details
CVSS v3.1 Bewertung6.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht11/30/2023
Zuletzt geandert10/23/2025
Quellekev
Honeypot-Sichtungen0
CISA KEV
HerstellerApple
ProduktMultiple Products
SchwachstellennameApple Multiple Products WebKit Out-of-Bounds Read Vulnerability
KEV Aufnahmedatum2023-12-04
Behebungsfrist2023-12-25
Ransomware-NutzungUnknown
Betroffene Produkte
apple:ipadosapple:iphone_osapple:macosapple:safaridebian:debian_linuxfedoraproject:fedorawebkitgtk:webkitgtk\+
Schwachen (CWE)
CWE-125CWE-125
Referenzen
http://seclists.org/fulldisclosure/2023/Dec/12(product-security@apple.com)
http://seclists.org/fulldisclosure/2023/Dec/13(product-security@apple.com)
http://seclists.org/fulldisclosure/2023/Dec/3(product-security@apple.com)
http://seclists.org/fulldisclosure/2023/Dec/4(product-security@apple.com)
http://seclists.org/fulldisclosure/2023/Dec/5(product-security@apple.com)
http://seclists.org/fulldisclosure/2023/Dec/8(product-security@apple.com)
http://seclists.org/fulldisclosure/2024/Jan/35(product-security@apple.com)
http://www.openwall.com/lists/oss-security/2023/12/05/1(product-security@apple.com)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/(product-security@apple.com)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/(product-security@apple.com)
https://security.gentoo.org/glsa/202401-04(product-security@apple.com)
https://support.apple.com/en-us/HT214031(product-security@apple.com)
https://support.apple.com/en-us/HT214032(product-security@apple.com)
https://support.apple.com/en-us/HT214033(product-security@apple.com)
https://support.apple.com/kb/HT214033(product-security@apple.com)
https://support.apple.com/kb/HT214034(product-security@apple.com)
https://support.apple.com/kb/HT214062(product-security@apple.com)
https://www.debian.org/security/2023/dsa-5575(product-security@apple.com)
http://seclists.org/fulldisclosure/2023/Dec/12(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/13(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/3(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/4(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/5(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/8(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2024/Jan/35(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/12/05/1(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202401-04(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214031(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214032(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214033(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214033(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214034(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214062(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5575(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-42916(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.