CVE-2023-42854
https://notcve.org/view.php?id=CVE-2023-42854
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients. Este problema se solucionó eliminando el código vulnerable. Este problema se solucionó en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. • http://seclists.org/fulldisclosure/2023/Oct/21 http://seclists.org/fulldisclosure/2023/Oct/24 http://seclists.org/fulldisclosure/2023/Oct/26 https://support.apple.com/en-us/HT213983 https://support.apple.com/en-us/HT213984 https://support.apple.com/en-us/HT213985 https://support.apple.com/kb/HT213983 https://support.apple.com/kb/HT213984 https://support.apple.com/kb/HT213985 •
CVE-2023-40413
https://notcve.org/view.php?id=CVE-2023-40413
The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information. El problema se solucionó mejorando el manejo de los cachés. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. • http://seclists.org/fulldisclosure/2023/Oct/19 http://seclists.org/fulldisclosure/2023/Oct/21 http://seclists.org/fulldisclosure/2023/Oct/23 http://seclists.org/fulldisclosure/2023/Oct/24 http://seclists.org/fulldisclosure/2023/Oct/25 http://seclists.org/fulldisclosure/2023/Oct/26 https://support.apple.com/en-us/HT213981 https://support.apple.com/en-us/HT213982 https://support.apple.com/en-us/HT213983 https://support.apple.com/en-us/HT213984 https://support.apple •
CVE-2023-41982
https://notcve.org/view.php?id=CVE-2023-41982
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data. Este problema se solucionó restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucionó en macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, iOS 17.1 y iPadOS 17.1. • http://seclists.org/fulldisclosure/2023/Oct/19 http://seclists.org/fulldisclosure/2023/Oct/23 http://seclists.org/fulldisclosure/2023/Oct/24 http://seclists.org/fulldisclosure/2023/Oct/25 https://support.apple.com/en-us/HT213981 https://support.apple.com/en-us/HT213982 https://support.apple.com/en-us/HT213984 https://support.apple.com/en-us/HT213988 https://support.apple.com/kb/HT213981 https://support.apple.com/kb/HT213982 https://support.apple.com/kb/HT213984 •
CVE-2023-40444
https://notcve.org/view.php?id=CVE-2023-40444
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may be able to access user-sensitive data. Se solucionó un problema de permisos con restricciones adicionales. Este problema se solucionó en macOS Sonoma 14.1. • http://seclists.org/fulldisclosure/2023/Oct/24 https://support.apple.com/en-us/HT213984 https://support.apple.com/kb/HT213984 •
CVE-2023-42438
https://notcve.org/view.php?id=CVE-2023-42438
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing. Se solucionó un problema de interfaz de usuario inconsistente con una gestión del estado mejorada. Este problema se solucionó en macOS Sonoma 14.1. • http://seclists.org/fulldisclosure/2023/Oct/24 https://support.apple.com/en-us/HT213984 https://support.apple.com/kb/HT213984 •