Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-32409

Опубликовано: 23 июн. 2023
Источник: debian

Описание

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
webkit2gtkfixed2.42.0-1package
wpewebkitfixed2.42.0-1package

Примечания

  • Affects the GPU process which is not supported by the GTK and WPE ports

  • https://bugs.webkit.org/show_bug.cgi?id=255350

  • https://github.com/WebKit/WebKit/pull/12660

  • https://github.com/WebKit/WebKit/commit/54408f5746f2401721bd56d71de132a22b6f9856

Связанные уязвимости

ubuntu логотип

CVE-2023-32409

CVSS3: 8.6
ubuntu
больше 2 лет назад

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

redhat логотип

CVE-2023-32409

CVSS3: 8.8
redhat
больше 2 лет назад

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

nvd логотип

CVE-2023-32409

CVSS3: 8.6
nvd
больше 2 лет назад

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

github логотип

GHSA-hwfm-xf3j-ph3g

CVSS3: 8.6
github
больше 2 лет назад

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

fstec логотип

BDU:2023-02847

CVSS3: 6.3
fstec
больше 2 лет назад

Уязвимость модуля отображения веб-страниц WebKit операционных систем iOS, iPadOS, watchOS, tvOS, браузера Safari, позволяющая нарушителю выполнить произвольный код