CVE - CVE-2023-42916

CVE-ID
CVE-2023-42916	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
DEBIAN:DSA-5575 URL:https://www.debian.org/security/2023/dsa-5575 FEDORA:FEDORA-2023-540bb86780 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ FEDORA:FEDORA-2023-f844a8fa64 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ FULLDISC:20231212 APPLE-SA-11-30-2023-1 Safari 17.1.2 URL:http://seclists.org/fulldisclosure/2023/Dec/3 FULLDISC:20231212 APPLE-SA-11-30-2023-2 iOS 17.1.2 and iPadOS 17.1.2 URL:http://seclists.org/fulldisclosure/2023/Dec/4 FULLDISC:20231212 APPLE-SA-11-30-2023-3 macOS Sonoma 14.1.2 URL:http://seclists.org/fulldisclosure/2023/Dec/5 FULLDISC:20231212 APPLE-SA-12-11-2023-3 iOS 16.7.3 and iPadOS 16.7.3 URL:http://seclists.org/fulldisclosure/2023/Dec/8 FULLDISC:20231212 APPLE-SA-12-11-2023-7 tvOS 17.2 URL:http://seclists.org/fulldisclosure/2023/Dec/12 FULLDISC:20231212 APPLE-SA-12-11-2023-8 watchOS 10.2 URL:http://seclists.org/fulldisclosure/2023/Dec/13 FULLDISC:20240126 APPLE-SA-01-22-2024-4 iOS 15.8.1 and iPadOS 15.8.1 URL:http://seclists.org/fulldisclosure/2024/Jan/35 GENTOO:GLSA-202401-04 URL:https://security.gentoo.org/glsa/202401-04 MISC:https://support.apple.com/en-us/HT214031 URL:https://support.apple.com/en-us/HT214031 MISC:https://support.apple.com/en-us/HT214032 URL:https://support.apple.com/en-us/HT214032 MISC:https://support.apple.com/en-us/HT214033 URL:https://support.apple.com/en-us/HT214033 MLIST:[oss-security] 20231205 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0011 URL:http://www.openwall.com/lists/oss-security/2023/12/05/1
Assigning CNA
Apple Inc.
Date Record Created
20230914	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20230914)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)