CVE-2022-32919 – webkitgtk: Visiting a website that frames malicious content may lead to UI spoofing.
https://notcve.org/view.php?id=CVE-2022-32919
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing. El problema se solucionó mejorando el manejo de la interfaz de usuario. Este problema se solucionó en iOS 16.2 y iPadOS 16.2, macOS Ventura 13.1. • https://support.apple.com/en-us/HT213530 https://support.apple.com/en-us/HT213532 https://access.redhat.com/security/cve/CVE-2022-32919 https://bugzilla.redhat.com/show_bug.cgi?id=2271437 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVE-2023-28185
https://notcve.org/view.php?id=CVE-2023-28185
An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to cause a denial-of-service. Se solucionó un desbordamiento de enteros mediante una validación de entrada mejorada. Este problema se solucionó en tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 y iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 y iPadOS 15.7.4. • https://support.apple.com/en-us/HT213673 https://support.apple.com/en-us/HT213674 https://support.apple.com/en-us/HT213675 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213677 https://support.apple.com/en-us/HT213678 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-38612
https://notcve.org/view.php?id=CVE-2023-38612
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. An app may be able to access protected user data. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Monterey 12.7, iOS 16.7 y iPadOS 16.7, iOS 17 y iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. • https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 •
CVE-2023-42865
https://notcve.org/view.php?id=CVE-2023-42865
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. Se solucionó una lectura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.3, tvOS 16.4, iOS 16.4 y iPadOS 16.4, watchOS 9.4. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213674 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213678 • CWE-125: Out-of-bounds Read •
CVE-2023-40439
https://notcve.org/view.php?id=CVE-2023-40439
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information. Se solucionó un problema de privacidad mejorando la redacción de datos privados para las entradas de registro. Este problema se solucionó en iOS 16.6 y iPadOS 16.6, macOS Ventura 13.5. • https://support.apple.com/en-us/HT213841 https://support.apple.com/en-us/HT213843 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •