www.cve.org
Open in
urlscan Pro
18.245.60.66
Public Scan
URL:
https://www.cve.org/CVERecord?id=CVE-2023-42917
Submission: On June 11 via api from IN — Scanned from DE
Submission: On June 11 via api from IN — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
We're sorry but the CVE Website doesn't work properly without JavaScript enabled. Please enable it to continue. Skip to main content About OverviewHistoryProcessRelated EffortsMetrics Partner Information PartnerList of Partners Program Organization StructureProgram Relationship with PartnersBoardWorking GroupsCVE Numbering AuthoritiesAuthorized Data Publishers Downloads Resources & Support ResourcesGlossaryFAQs AllRecentArchivesNewsletter Sign-Up Reserve IDs & Publish RecordsCVE Services Report/Request CNAsNon-CNAs Site Search Find Find CVE Records by keyword on cve.mitre.org. Site Search CVE-2023-42917 PUBLISHED View JSON information View Enhanced Vulnerability Data for this CVE Record by Selecting the “View JSON” Link collapse Assigner: Apple Inc. Published: 2023-11-30Updated: 2023-11-30 A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. PRODUCT STATUS information Learn About the Versions Section collapse Vendor Apple Product Safari Versions Default Status: unknown * affected before 17.1 Vendor Apple Product macOS Versions Default Status: unknown * affected before 14.1 Vendor Apple Product iOS and iPadOS Versions Default Status: unknown * affected before 17.1 REFERENCES * https://support.apple.com/en-us/HT214033 external site * https://support.apple.com/en-us/HT214032 external site * https://support.apple.com/en-us/HT214031 external site * http://www.openwall.com/lists/oss-security/2023/12/05/1 external site * https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ external site * https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ external site * https://www.debian.org/security/2023/dsa-5575 external site * http://seclists.org/fulldisclosure/2023/Dec/3 external site * http://seclists.org/fulldisclosure/2023/Dec/4 external site * http://seclists.org/fulldisclosure/2023/Dec/5 external site * http://seclists.org/fulldisclosure/2023/Dec/8 external site * http://seclists.org/fulldisclosure/2023/Dec/13 external site * http://seclists.org/fulldisclosure/2023/Dec/12 external site * https://security.gentoo.org/glsa/202401-04 external site * https://support.apple.com/kb/HT214062 external site * http://seclists.org/fulldisclosure/2024/Jan/35 external site View additional information about CVE-2023-42917 external site on NVD. (Note: The NVD is not operated by the CVE Program) POLICIES & COOKIES * Terms of Use * Website Security Policy * Privacy Policy * Cookie Notice MEDIA * News * Blogs * Podcasts * Email newsletter sign up SOCIAL MEDIA github linkedin mastodon youtube medium x-twitter icon for @CVEnew New CVE Records x-twitter icon for @CVEannounce CVE Announce CONTACT * CVE Program Support external site * CNA Partners * CVE Website Support external site * CVE Program Idea Tracker external site Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) external link Cybersecurity and Infrastructure Security Agency (CISA) external link . Copyright © 1999-2024, The MITRE Corporation external link . CVE and the CVE logo are registered trademarks of The MITRE Corporation.