Lucene search
HistoryJun 23, 2023 - 6:15 p.m.
CVE-2023-32372
cve-2023-32372
input validation
disclosure of process memory
image processing
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
30.5%
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory.
Affected configurations
Node
appleipadosRange<16.5
ORappleiphone_osRange<16.5
ORapplemacosRange13.0–13.4
ORappletvosRange<16.5
ORapplewatchosRange<9.5
Related
cvelist
cvelist
CVE-2023-32372
2023-06-23 00:00:00
prion
prion
Input validation
2023-06-23 18:15:00
zdi
zdi
cve
cve
CVE-2023-32372
2023-06-23 18:15:11
apple
apple
About the security content of tvOS 16.5
2023-05-18 00:00:00
About the security content of watchOS 9.5
2023-05-18 00:00:00
About the security content of iOS 16.5 and iPadOS 16.5
2023-05-18 00:00:00
nessus
nessus
macOS 13.x < 13.4 Multiple Vulnerabilities (HT213758)
2023-05-18 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213758)
2023-05-22 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
30.5%
Related for NVD:CVE-2023-32372