CVE-2023-32372

Опубликовано: 23 июн. 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory.

Ссылки

https://support.apple.com/en-us/HT213757
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213758
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213761
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213764
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213757
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213758
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213761
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT213764
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия до 16.5 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 16.5 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 13.0 (включая) до 13.4 (исключая)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Версия до 16.5 (исключая)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Версия до 9.5 (исключая)

EPSS

Процентиль: 8%

0.00031

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

GHSA-cq3h-j934-fgjg

CVSS3: 5.5

github

больше 2 лет назад

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. Processing an image may result in disclosure of process memory

EPSS

Процентиль: 8%

0.00031

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-125