CVE-2023-40438
https://notcve.org/view.php?id=CVE-2023-40438
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14, iOS 16.7 and iPadOS 16.7. An app may be able to access edited photos saved to a temporary directory. Se solucionó un problema con el manejo mejorado de archivos temporales. Este problema se solucionó en macOS Sonoma 14, iOS 16.7 y iPadOS 16.7. • https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213940 •
CVE-2022-42816
https://notcve.org/view.php?id=CVE-2022-42816
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. Se abordó una cuestión de lógica con una mejor gestión estatal. Este problema se solucionó en macOS Ventura 13. • http://seclists.org/fulldisclosure/2024/Mar/21 https://support.apple.com/en-us/HT213488 https://support.apple.com/kb/HT214084 •
CVE-2023-42872
https://notcve.org/view.php?id=CVE-2023-42872
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data. El problema se solucionó con comprobaciones de permisos adicionales. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 •
CVE-2023-42833 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42833
A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution. Se solucionó un problema de corrección con controles mejorados. Este problema se solucionó en macOS Sonoma 14, Safari 17, iOS 17 y iPadOS 17. • http://www.openwall.com/lists/oss-security/2024/02/05/8 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://support.apple.com/en-us/HT213941 https://access.redhat.com/security/cve/CVE-2023-42833 https://bugzilla.redhat.com/show_bug.cgi?id=2270146 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-32919 – webkitgtk: Visiting a website that frames malicious content may lead to UI spoofing.
https://notcve.org/view.php?id=CVE-2022-32919
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing. El problema se solucionó mejorando el manejo de la interfaz de usuario. Este problema se solucionó en iOS 16.2 y iPadOS 16.2, macOS Ventura 13.1. • https://support.apple.com/en-us/HT213530 https://support.apple.com/en-us/HT213532 https://access.redhat.com/security/cve/CVE-2022-32919 https://bugzilla.redhat.com/show_bug.cgi?id=2271437 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •