CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
References
Link Resource
https://security.gentoo.org/glsa/202401-04 Third Party Advisory
https://support.apple.com/en-us/HT213757 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213758 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213761 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213762 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213764 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213765 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:*

History

27 Jun 2024, 19:05

Type Values Removed Values Added
First Time Webkitgtk
Webkitgtk webkitgtk\+
CPE cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:*
References () https://security.gentoo.org/glsa/202401-04 - () https://security.gentoo.org/glsa/202401-04 - Third Party Advisory

05 Jan 2024, 14:15

Type Values Removed Values Added
References
  • () https://security.gentoo.org/glsa/202401-04 -

27 Jul 2023, 04:15

Type Values Removed Values Added
Summary An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.

30 Jun 2023, 07:03

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-23 18:15

Updated : 2024-06-27 19:05


NVD link : CVE-2023-28204

Mitre link : CVE-2023-28204

CVE.ORG link : CVE-2023-28204


JSON object : View

Products Affected

apple

  • macos
  • ipados
  • safari
  • watchos
  • iphone_os
  • tvos

webkitgtk

  • webkitgtk\+
CWE
CWE-125

Out-of-bounds Read