CVE-2023-27932

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

09 Oct 2024, 14:25

Type Values Removed Values Added
CPE cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

27 Jul 2023, 04:15

Type Values Removed Values Added
Summary This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy.
References
  • {'url': 'https://security.gentoo.org/glsa/202305-32', 'name': 'GLSA-202305-32', 'tags': [], 'refsource': 'GENTOO'}

30 May 2023, 06:16

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202305-32 -

19 May 2023, 16:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html', 'name': '[debian-lts-announce] 20230512 [SECURITY] [DLA 3419-1] webkit2gtk security update', 'tags': ['Third Party Advisory'], 'refsource': 'MLIST'}
Summary This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy

13 May 2023, 02:08

Type Values Removed Values Added
CPE cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
References (MISC) https://support.apple.com/en-us/HT213676 - (MISC) https://support.apple.com/en-us/HT213676 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT213674 - (MISC) https://support.apple.com/en-us/HT213674 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT213670 - (MISC) https://support.apple.com/en-us/HT213670 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT213671 - (MISC) https://support.apple.com/en-us/HT213671 - Vendor Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html - (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html - Third Party Advisory
References (MISC) https://support.apple.com/en-us/HT213678 - (MISC) https://support.apple.com/en-us/HT213678 - Vendor Advisory

12 May 2023, 12:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html -

08 May 2023, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-08 20:15

Updated : 2024-10-09 14:25


NVD link : CVE-2023-27932

Mitre link : CVE-2023-27932

CVE.ORG link : CVE-2023-27932


JSON object : View

Products Affected

apple

  • macos
  • ipados
  • safari
  • watchos
  • iphone_os
  • tvos

debian

  • debian_linux