Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-42916

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.

Published

2023-11-30T23:15:07.223

Last Modified

2024-11-29T15:03:51.967

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-125
Type: Secondary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	safari	< 17.1.2	Yes
Operating System	apple	ipados	< 15.8.1	Yes
Operating System	apple	ipados	< 16.7.3	Yes
Operating System	apple	ipados	< 17.1.2	Yes
Operating System	apple	iphone_os	< 15.8.1	Yes
Operating System	apple	iphone_os	< 16.7.3	Yes
Operating System	apple	iphone_os	< 17.1.2	Yes
Operating System	apple	macos	< 14.1.2	Yes
Operating System	fedoraproject	fedora	38	Yes
Operating System	fedoraproject	fedora	39	Yes
Operating System	debian	debian_linux	11.0	Yes
Operating System	debian	debian_linux	12.0	Yes
Application	webkitgtk	webkitgtk\+	< 2.42.3	Yes

References

http://seclists.org/fulldisclosure/2023/Dec/12 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Dec/13 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Dec/3 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Dec/4 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Dec/5 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2023/Dec/8 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2024/Jan/35 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2023/12/05/1 Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ Mailing List ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ Mailing List ([email protected])
https://security.gentoo.org/glsa/202401-04 Third Party Advisory ([email protected])
https://support.apple.com/en-us/HT214031 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT214032 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT214033 Vendor Advisory ([email protected])
https://support.apple.com/kb/HT214033 Vendor Advisory ([email protected])
https://support.apple.com/kb/HT214034 Vendor Advisory ([email protected])
https://support.apple.com/kb/HT214062 Vendor Advisory ([email protected])
https://www.debian.org/security/2023/dsa-5575 Mailing List ([email protected])
http://seclists.org/fulldisclosure/2023/Dec/12 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/13 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/3 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/4 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/5 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2023/Dec/8 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2024/Jan/35 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/12/05/1 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202401-04 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214031 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214032 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214033 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214033 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214034 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214062 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5575 Mailing List (af854a3a-2127-422b-91ae-364da2661108)