CVE-2023-42833 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42833
A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution. Se solucionó un problema de corrección con controles mejorados. Este problema se solucionó en macOS Sonoma 14, Safari 17, iOS 17 y iPadOS 17. • http://www.openwall.com/lists/oss-security/2024/02/05/8 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://support.apple.com/en-us/HT213941 https://access.redhat.com/security/cve/CVE-2023-42833 https://bugzilla.redhat.com/show_bug.cgi?id=2270146 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-38612
https://notcve.org/view.php?id=CVE-2023-38612
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. An app may be able to access protected user data. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Monterey 12.7, iOS 16.7 y iPadOS 16.7, iOS 17 y iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. • https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 •
CVE-2023-40385
https://notcve.org/view.php?id=CVE-2023-40385
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. A remote attacker may be able to view leaked DNS queries with Private Relay turned on. Este problema se solucionó eliminando el código vulnerable. Este problema se solucionó en macOS Sonoma 14, Safari 17, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://support.apple.com/en-us/HT213941 •
CVE-2023-41974
https://notcve.org/view.php?id=CVE-2023-41974
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de use after free con una gestión de memoria mejorada. Este problema se solucionó en iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 • CWE-416: Use After Free •
CVE-2023-41060
https://notcve.org/view.php?id=CVE-2023-41060
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. A remote user may be able to cause kernel code execution. Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •