CVE-2023-41993
Published: September 21, 2023Last modified: April 23, 2024
Description
The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura 13.6, OS 17.0.1 and iPadOS 17.0.1, iOS 16.7 and iPadOS 16.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack Vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
User interaction | REQUIRED |
Scope | UNCHANGED |
Confidentiality | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Status
Product | Release | Package | Status |
---|---|---|---|
Liberica JDK | 8 | jdk-full | Fixed (8u412+9) |
11 | jdk-full | Fixed (11.0.23+10) | |
17 | jdk-full | Fixed (17.0.11+10) | |
21 | jdk-full | Fixed (21.0.3+10) | |
22 | jdk-full | Fixed (22.0.1+10) |
References
- http://seclists.org/fulldisclosure/2023/Oct/2
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/4
- http://seclists.org/fulldisclosure/2023/Sep/13
- http://seclists.org/fulldisclosure/2023/Sep/14
- http://seclists.org/fulldisclosure/2023/Sep/15
- http://seclists.org/fulldisclosure/2023/Sep/19
- http://www.openwall.com/lists/oss-security/2023/09/28/3
- https://lists.fedoraproject.org/archives/list/[email protected]/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/7ELXBV26Q54BIOVN5LBCJFM2G6VQZ7FO/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/EYRHTFVN6FTXLZ27IPTNRSXKBAR2SOMA/
- https://security.gentoo.org/glsa/202401-33
- https://security.netapp.com/advisory/ntap-20240426-0004/
- https://support.apple.com/en-us/HT213926
- https://support.apple.com/en-us/HT213927
- https://support.apple.com/en-us/HT213930
- https://support.apple.com/en-us/HT213931
- https://support.apple.com/en-us/HT213940
- https://support.apple.com/en-us/HT213941
- https://support.apple.com/kb/HT213926
- https://support.apple.com/kb/HT213930
- https://www.debian.org/security/2023/dsa-5527