Published: 12/12/2023 Updated: 02/02/2024

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple macos
apple safari
apple watchos
apple iphone os
apple ipados
apple tvos

The issue was addressed with improved memory handling This issue is fixed in Safari 172, macOS Sonoma 142, iOS 172 and iPadOS 172, watchOS 102, tvOS 172, iOS 1673 and iPadOS 1673 Processing an image may lead to a denial-of-service (CVE-2023-42883) The issue was addressed with improved memory handling This issue is fixed in Safari 172 ...

DescriptionA flaw was found in WebKitGTK This issue exists due to a boundary error when processing malicious HTML content in WebKit, which could result in memory corruption and arbitrary code execution on the target systemA flaw was found in WebKitGTK This issue exists due to a boundary error when processing malicious HTML content in WebK ...

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page Apple security documents reference vulnerabilities by CVE-ID whe ...

oss-sec mailing list archives   By Date By Thread </form>    WebKitGTK and WPE WebKit Security Advisory WSA-2023-0012   From: Carlos A ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-12-11-2023-2 iOS 172 and iPadOS 172   From: Apple Prod ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-12-11-2023-8 watchOS 102   From: Apple Product Security ...

NVD-CWE-noinfo https://support.apple.com/en-us/HT214039 https://support.apple.com/en-us/HT214035 https://support.apple.com/en-us/HT214040 https://support.apple.com/en-us/HT214036 https://support.apple.com/en-us/HT214041 http://seclists.org/fulldisclosure/2023/Dec/9 http://seclists.org/fulldisclosure/2023/Dec/7 http://seclists.org/fulldisclosure/2023/Dec/6 http://seclists.org/fulldisclosure/2023/Dec/13 http://seclists.org/fulldisclosure/2023/Dec/12 http://www.openwall.com/lists/oss-security/2023/12/18/1 https://security.gentoo.org/glsa/202401-33 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2024-2425.html

CVE-2023-42890

Vulnerability Summary

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect