CVE-2023-42970

Name
CVE-2023-42970
Description
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://support.apple.com/en-us/120949
https://support.apple.com/en-us/120950
https://support.apple.com/en-us/120948
https://support.apple.com/en-us/120947
https://support.apple.com/en-us/120330

Match rules

CPE URI Source package Min version Max version
ios-and-ipados >= unspecified < 17
macos >= unspecified < 14
watchos >= unspecified < 10
tvos >= unspecified < 17
safari >= unspecified < 17
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* safari >= None < 17.0
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* ipados >= None < 17.0
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* iphone_os >= None < 17.0
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* macos >= None < 14.0
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* tvos >= None < 17.0
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* watchos >= None < 10.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status