Lucene search

PRIOn knowledge basePRION:CVE-2023-42890

HistoryDec 12, 2023 - 1:15 a.m.

Code injection

2023-12-1201:15:00

PRIOn knowledge base

www.prio-n.com

memory handling

code injection

safari

macos sonoma

watchos

ios

ipados

tvos

arbitrary code execution

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.7%

JSON

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.

CPENameOperatorVersion
ipadoslt17.2
iphone_oslt17.2
macosge14.0
macoslt14.2
safarilt17.2
tvoslt17.2
watchoslt10.2

Name	Operator	Version
ipados	lt	17.2
iphone_os	lt	17.2
macos	ge	14.0
macos	lt	14.2
safari	lt	17.2
tvos	lt	17.2
watchos	lt	10.2

References

seclists.org/fulldisclosure/2023/Dec/12

seclists.org/fulldisclosure/2023/Dec/13

seclists.org/fulldisclosure/2023/Dec/6

seclists.org/fulldisclosure/2023/Dec/7

seclists.org/fulldisclosure/2023/Dec/9

www.openwall.com/lists/oss-security/2023/12/18/1

security.gentoo.org/glsa/202401-33

support.apple.com/en-us/HT214035

support.apple.com/en-us/HT214036

support.apple.com/en-us/HT214039

support.apple.com/en-us/HT214040

support.apple.com/en-us/HT214041