A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple macos |
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources WebKit flaw 'may have been exploited' – just like Tim Cook 'may have' made a million bucks this week
Apple this week released bug-splatting updates to its operating systems and Safari browser, to fix a zero-day vulnerability in its WebKit browser engine that's reported to have been actively exploited. Updates macOS 13.2.1, iOS 16.3.1, iPadOS 16.3.1, and Safari 16.3.1 fix the flaw, tracked as CVE-2023-23529, which may allow maliciously crafted web content to execute arbitrary code. It's described by Apple as a type confusion flaw fixed by improved checks. The issue had to do with JsonWebToken co...