CVE-2023-28198

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2023/09/11/1	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202401-04
https://support.apple.com/en-us/HT213670	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213676	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:webkitgtk:webkitgtk::::::::
	cpe:2.3:a:wpewebkit:wpe_webkit::::::::

History

05 Jan 2024, 14:15

Type	Values Removed	Values Added
CPE		cpe:2.3:a:webkitgtk:webkitgtk:::::::: cpe:2.3:a:wpewebkit:wpe_webkit::::::::
References		(MISC) http://www.openwall.com/lists/oss-security/2023/09/11/1 - Mailing List, Third Party Advisory () https://security.gentoo.org/glsa/202401-04 -

19 Aug 2023, 00:43

Type	Values Removed	Values Added
CWE		CWE-416
References	~~(MISC) https://support.apple.com/en-us/HT213676 -~~	(MISC) https://support.apple.com/en-us/HT213676 - Release Notes, Vendor Advisory
References	~~(MISC) https://support.apple.com/en-us/HT213670 -~~	(MISC) https://support.apple.com/en-us/HT213670 - Release Notes, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:iphone_os::::::::

14 Aug 2023, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-14 23:15

Updated : 2024-02-05 00:01

NVD link : CVE-2023-28198

Mitre link : CVE-2023-28198

CVE.ORG link : CVE-2023-28198

JSON object : View

Products Affected

apple

macos
ipados
iphone_os

webkitgtk

webkitgtk

wpewebkit

wpe_webkit

CWE

CWE-416

Use After Free

{"id": "CVE-2023-28198", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-08-14T23:15:10.830", "references": [{"url": "http://www.openwall.com/lists/oss-security/2023/09/11/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "https://security.gentoo.org/glsa/202401-04", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213670", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213676", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution."}, {"lang": "es", "value": "Se ha solucionado un problema de use-after-free con una mejora en la gesti\u00f3n de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. El procesamiento de contenido web puede dar lugar a la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "lastModified": "2024-01-05T14:15:46.227", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE", "versionEndExcluding": "16.4"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87", "versionEndExcluding": "16.4"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96", "versionEndExcluding": "13.3", "versionStartIncluding": "13.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A007F029-38D8-4D0D-8DF2-A2F6CB9ADE60", "versionEndExcluding": "2.40.1"}, {"criteria": "cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C1E75F9-1855-4668-8E78-2A6F0F4FCBA1", "versionEndExcluding": "2.40.1"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}