admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-27 01:00:49 +00:00
parent 26cd2cd2a3
commit 6508b8b420
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 1608 additions and 2053 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2023/23xxx/CVE-2023-23494.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service."
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "A user in a privileged network position may be able to cause a denial-of-service"
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

81
2023/23xxx/CVE-2023-23496.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23496",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,28 +52,31 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -64,6 +88,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
@ -75,52 +100,42 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"url": "https://support.apple.com/en-us/HT213600",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213599",
"name": "https://support.apple.com/en-us/HT213599"
"name": "https://support.apple.com/en-us/HT213600"
},
{
"url": "https://support.apple.com/en-us/HT213531",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213600",
"name": "https://support.apple.com/en-us/HT213600"
}
]
},
"description": {
"description_data": [
"name": "https://support.apple.com/en-us/HT213531"
},
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution."
"url": "https://support.apple.com/en-us/HT213638",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213638"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

71
2023/23xxx/CVE-2023-23497.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23497",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
@ -53,43 +52,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to gain root privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213603",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213603"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213604"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to gain root privileges."
}
]
}
}

4
2023/23xxx/CVE-2023-23498.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account."
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account"
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}

4
2023/23xxx/CVE-2023-23499.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, tvOS 16.3, macOS Ventura 13.2, watchOS 9.3. An app may be able to access user-sensitive data."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to access user-sensitive data"
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}

77
2023/23xxx/CVE-2023-23500.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23500",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,28 +52,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -64,6 +76,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
@ -75,52 +88,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to leak sensitive kernel state"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213598",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213598"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213599",
"name": "https://support.apple.com/en-us/HT213599"
}
]
},
"description": {
"description_data": [
"name": "https://support.apple.com/en-us/HT213605"
},
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to leak sensitive kernel state."
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

45
2023/23xxx/CVE-2023-23501.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23501",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory.."
}
]
}
}

4
2023/23xxx/CVE-2023-23502.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, iOS 16.3 and iPadOS 16.3, tvOS 16.3, macOS Ventura 13.2, watchOS 9.3. An app may be able to determine kernel memory layout."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to determine kernel memory layout"
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}

77
2023/23xxx/CVE-2023-23503.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23503",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,28 +52,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -64,6 +76,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
@ -75,52 +88,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213598",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213598"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213599",
"name": "https://support.apple.com/en-us/HT213599"
}
]
},
"description": {
"description_data": [
"name": "https://support.apple.com/en-us/HT213605"
},
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences."
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

4
2023/23xxx/CVE-2023-23504.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, tvOS 16.3, macOS Ventura 13.2, watchOS 9.3. An app may be able to execute arbitrary code with kernel privileges."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}

4
2023/23xxx/CVE-2023-23505.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, macOS Ventura 13.2, watchOS 9.3. An app may be able to access information about a user\u2019s contacts."
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to access information about a user\u2019s contacts"
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}

45
2023/23xxx/CVE-2023-23506.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23506",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access user-sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data."
}
]
}
}

58
2023/23xxx/CVE-2023-23507.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23507",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,21 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
@ -42,38 +52,18 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213604"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges."
}
]
}
}

45
2023/23xxx/CVE-2023-23510.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23510",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access a user\u2019s Safari history"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user\u2019s Safari history."
}
]
}
}

85
2023/23xxx/CVE-2023-23511.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23511",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,39 +52,31 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
@ -75,52 +88,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"name": "https://support.apple.com/en-us/HT213604"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213599",
"name": "https://support.apple.com/en-us/HT213599"
}
]
},
"description": {
"description_data": [
"name": "https://support.apple.com/en-us/HT213605"
},
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences."
"url": "https://support.apple.com/en-us/HT213604",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213604"
},
{
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

4
2023/23xxx/CVE-2023-23512.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3, tvOS 16.3. Visiting a website may lead to an app denial-of-service."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Visiting a website may lead to an app denial-of-service"
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}

4
2023/23xxx/CVE-2023-23513.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution."
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution"
"value": "An app may be able to bypass Privacy preferences"
}
]
}

4
2023/23xxx/CVE-2023-23514.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges."
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges."
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}

71
2023/23xxx/CVE-2023-23516.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23516",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
@ -53,43 +52,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213603",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213603"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213604"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges"
}
]
}
}

123
2023/23xxx/CVE-2023-23517.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23517",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,61 +52,43 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "11.7"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
@ -97,67 +100,47 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213603",
"name": "https://support.apple.com/en-us/HT213603"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"name": "https://support.apple.com/en-us/HT213604"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213599",
"name": "https://support.apple.com/en-us/HT213599"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213600",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213600"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},
"description": {
"description_data": [
"url": "https://support.apple.com/en-us/HT213603",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213603"
},
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution."
"url": "https://support.apple.com/en-us/HT213638",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213638"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"url": "https://support.apple.com/en-us/HT213604",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213604"
},
{
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

2
2023/23xxx/CVE-2023-23518.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, Safari 16.3, iOS 16.3 and iPadOS 16.3, tvOS 16.3, macOS Ventura 13.2, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},

64
2023/23xxx/CVE-2023-23519.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23519",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,17 +52,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -53,6 +76,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
@ -64,47 +88,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing an image may lead to a denial-of-service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213599",
"name": "https://support.apple.com/en-us/HT213599"
}
]
},
"description": {
"description_data": [
"name": "https://support.apple.com/en-us/HT213605"
},
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing an image may lead to a denial-of-service."
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

92
2023/23xxx/CVE-2023-23520.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23520",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,10 +64,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.3"
}
]
}
}
]
}
@ -42,47 +88,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A user may be able to read arbitrary files as root"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213599",
"url": "https://support.apple.com/kb/HT213599"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213601",
"url": "https://support.apple.com/kb/HT213601"
},
{
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213606"
},
{
"url": "https://support.apple.com/en-us/HT213601",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213601"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"url": "https://support.apple.com/en-us/HT213599",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"name": "https://support.apple.com/en-us/HT213606"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root."
"name": "https://support.apple.com/en-us/HT213599"
}
]
}

4
2023/23xxx/CVE-2023-23522.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data."
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to observe unprotected user data."
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}

50
2023/23xxx/CVE-2023-23523.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23523",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,38 +64,18 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup"
}
]
}
}

2
2023/23xxx/CVE-2023-23524.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, watchOS 9.3.1, tvOS 16.3.2. Processing a maliciously crafted certificate may lead to a denial-of-service."
"value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in watchOS 9.3.1, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, tvOS 16.3.2. Processing a maliciously crafted certificate may lead to a denial-of-service."
}
]
},

4
2023/23xxx/CVE-2023-23525.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, macOS Big Sur 11.7.5. An app may be able to gain root privileges."
"value": "This issue was addressed with a new entitlement. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to gain root privileges"
"value": "An app may be able to break out of its sandbox"
}
]
}

50
2023/23xxx/CVE-2023-23526.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23526",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,38 +64,18 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper"
}
]
}
}

84
2023/23xxx/CVE-2023-23527.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23527",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,65 +40,47 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -86,58 +88,38 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A user may gain access to protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Ventura 13.3, tvOS 16.4, macOS Monterey 12.6.4. A user may gain access to protected parts of the file system"
}
]
}
}

4
2023/23xxx/CVE-2023-23528.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4, tvOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory."
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, tvOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory"
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

4
2023/23xxx/CVE-2023-23529.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in Safari 16.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
"value": "This issue was addressed with improved state management. This issue is fixed in Safari 16.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

4
2023/23xxx/CVE-2023-23530.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.3 and iPadOS 16.3, macOS Ventura 13.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges."
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges"
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}

52
2023/23xxx/CVE-2023-23531.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23531",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.3"
}
]
@ -31,6 +52,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -42,37 +64,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.apple.com/en-us/HT213606",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
"name": "https://support.apple.com/en-us/HT213606"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213606",
"name": "https://support.apple.com/en-us/HT213606"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges."
"name": "https://support.apple.com/en-us/HT213605"
}
]
}

4
2023/23xxx/CVE-2023-23532.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.6 and iPadOS 15.7.6. An app may be able to break out of its sandbox."
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}

4
2023/23xxx/CVE-2023-23533.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system."
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
"value": "An app may be able to break out of its sandbox"
}
]
}

4
2023/23xxx/CVE-2023-23534.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory."
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may result in disclosure of process memory"
"value": "An app may be able to break out of its sandbox"
}
]
}

137
2023/23xxx/CVE-2023-23535.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23535",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,28 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -53,43 +64,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -97,72 +88,42 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6",
"url": "http://seclists.org/fulldisclosure/2023/May/9"
}
]
},
"description": {
"description_data": [
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.6, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
}
]
}

92
2023/23xxx/CVE-2023-23536.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23536",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,40 +40,44 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "macOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
@ -64,63 +88,43 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213677",
"url": "https://support.apple.com/kb/HT213677"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213674",
"url": "https://support.apple.com/kb/HT213674"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213678",
"url": "https://support.apple.com/kb/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges"
}
]
}
}

84
2023/23xxx/CVE-2023-23537.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23537",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,32 +64,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -75,57 +76,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information"
}
]
}

58
2023/23xxx/CVE-2023-23538.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23538",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,21 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
@ -42,38 +52,18 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system"
}
]
}
}

50
2023/23xxx/CVE-2023-23539.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23539",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An HTML document may be able to render iframes with sensitive user information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.2"
}
]
@ -31,37 +52,12 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1659",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1659"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution"
"name": "https://support.apple.com/en-us/HT213605"
}
]
}

72
2023/23xxx/CVE-2023-23540.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23540",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.8 and iPadOS 15.7.8. Processing web content may disclose sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -31,21 +52,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,52 +64,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213842",
"url": "https://support.apple.com/kb/HT213842"
},
{
"refsource": "FULLDISC",
"name": "20230725 APPLE-SA-2023-07-24-3 iOS 15.7.8 and iPadOS 15.7.8",
"url": "http://seclists.org/fulldisclosure/2023/Jul/46"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
"url": "https://support.apple.com/en-us/HT213842",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213842"
}
]
}

63
2023/23xxx/CVE-2023-23541.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23541",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,21 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -42,42 +52,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access information about a user\u2019s contacts"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to access information about a user\u2019s contacts"
}
]
}

71
2023/23xxx/CVE-2023-23542.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23542",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,43 +52,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access user-sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to access user-sensitive data"
}
]
}
}

4
2023/23xxx/CVE-2023-23543.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, watchOS 9.4. A sandboxed app may be able to determine which app is currently using the camera."
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "A sandboxed app may be able to determine which app is currently using the camera"
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

89
2023/27xxx/CVE-2023-27928.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27928",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,43 +64,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -86,62 +88,37 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access information about a user\u2019s contacts"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user\u2019s contacts"
}
]
}

58
2023/27xxx/CVE-2023-27929.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27929",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Ventura 13.3, tvOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,17 +64,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -64,48 +88,28 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, macOS Ventura 13.3. Processing a maliciously crafted image may result in disclosure of process memory"
}
]
}
}

4
2023/27xxx/CVE-2023-27930.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to execute arbitrary code with kernel privileges."
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
"value": "An app may be able to disclose kernel memory"
}
]
}

2
2023/27xxx/CVE-2023-27931.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4, tvOS 16.4, macOS Monterey 12.6.3, macOS Big Sur 11.7.3, watchOS 9.4, macOS Ventura 13.3. An app may be able to bypass Privacy preferences."
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences."
}
]
},

86
2023/27xxx/CVE-2023-27932.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27932",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4, Safari 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,28 +40,31 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -53,17 +76,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -75,57 +100,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may bypass Same Origin Policy"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213671",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213671"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},
"description": {
"description_data": [
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy"
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
}
]
}

71
2023/27xxx/CVE-2023-27933.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27933",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,50 +40,43 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -75,53 +88,33 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app with root privileges may be able to execute arbitrary code with kernel privileges"
}
]
}
}

54
2023/27xxx/CVE-2023-27934.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27934",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
@ -31,42 +52,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213677",
"url": "https://support.apple.com/kb/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1677",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1677"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution"
"name": "https://support.apple.com/en-us/HT213677"
}
]
}

76
2023/27xxx/CVE-2023-27935.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27935",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,47 +52,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1676",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1676"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution"
"name": "https://support.apple.com/en-us/HT213675"
}
]
}

4
2023/27xxx/CVE-2023-27936.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory."
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to cause unexpected system termination or write kernel memory"
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

84
2023/27xxx/CVE-2023-27937.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27937",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,65 +40,47 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -86,58 +88,38 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution"
}
]
}
}

45
2023/27xxx/CVE-2023-27938.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27938",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "10.4"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213650",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213650"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution"
}
]
}
}

67
2023/27xxx/CVE-2023-27940.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27940",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,28 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "15.7"
}
]
@ -53,42 +64,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A sandboxed app may be able to observe system-wide network connections"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.apple.com/en-us/HT213758",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. A sandboxed app may be able to observe system-wide network connections"
"name": "https://support.apple.com/en-us/HT213765"
}
]
}

4
2023/27xxx/CVE-2023-27941.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory."
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

84
2023/27xxx/CVE-2023-27942.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27942",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,65 +40,47 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -86,58 +88,38 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access user-sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data"
}
]
}
}

50
2023/27xxx/CVE-2023-27943.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27943",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,38 +64,18 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Files downloaded from the internet may not have the quarantine flag applied"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Files downloaded from the internet may not have the quarantine flag applied"
}
]
}
}

71
2023/27xxx/CVE-2023-27944.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27944",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,43 +52,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox"
}
]
}
}

79
2023/27xxx/CVE-2023-27945.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27945",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Xcode 14.3, macOS Monterey 12.6.6, macOS Big Sur 11.7.7. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"product_name": "Xcode",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "14.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,52 +64,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A sandboxed app may be able to collect system logs"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213679",
"name": "https://support.apple.com/en-us/HT213679"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"url": "https://support.apple.com/en-us/HT213679",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213679"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7",
"url": "http://seclists.org/fulldisclosure/2023/May/10"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6",
"url": "http://seclists.org/fulldisclosure/2023/May/9"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Monterey 12.6.6, Xcode 14.3, macOS Big Sur 11.7.7. A sandboxed app may be able to collect system logs"
}
]
}

4
2023/27xxx/CVE-2023-27946.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution."
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

68
2023/27xxx/CVE-2023-27949.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27949",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,28 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "15.7"
}
]
@ -53,47 +64,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
}
]
}

4
2023/27xxx/CVE-2023-27951.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper."
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An archive may be able to bypass Gatekeeper"
"value": "An app may be able to break out of its sandbox"
}
]
}

45
2023/27xxx/CVE-2023-27952.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27952",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may bypass Gatekeeper checks"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks"
}
]
}
}

76
2023/27xxx/CVE-2023-27953.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27953",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,47 +52,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected system termination or corrupt kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1688",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1688"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected system termination or corrupt kernel memory"
"name": "https://support.apple.com/en-us/HT213675"
}
]
}

108
2023/27xxx/CVE-2023-27954.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27954",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,28 +40,31 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -53,32 +76,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -86,67 +100,37 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A website may be able to track sensitive user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213671",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213671"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},
"description": {
"description_data": [
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"lang": "eng",
"value": "The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information"
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
}
]
}

80
2023/27xxx/CVE-2023-27955.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27955",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,40 +40,32 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
@ -64,52 +76,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read arbitrary files"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213674",
"url": "https://support.apple.com/kb/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"name": "https://support.apple.com/en-us/HT213675"
}
]
},
"description": {
"description_data": [
"name": "https://support.apple.com/en-us/HT213674"
},
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to read arbitrary files"
"url": "https://support.apple.com/en-us/HT213675",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213675"
}
]
}

76
2023/27xxx/CVE-2023-27956.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27956",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,17 +40,19 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -42,32 +64,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.4"
}
]
}
},
{
"product_name": "watchOS",
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -75,57 +88,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213678",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213678"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213674",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213674"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213673",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213673"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
}
]
}

4
2023/27xxx/CVE-2023-27957.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution."
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
"value": "An app may be able to break out of its sandbox"
}
]
}

76
2023/27xxx/CVE-2023-27958.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27958",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,47 +52,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected system termination or corrupt kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213677",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213677"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213675",
"name": "https://support.apple.com/en-us/HT213675"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1689",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1689"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected system termination or corrupt kernel memory"
"name": "https://support.apple.com/en-us/HT213675"
}
]
}

45
2023/27xxx/CVE-2023-27959.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27959",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.4"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
}
]
}
}

45
2023/27xxx/CVE-2023-27960.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27960",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "10.4"
}
]
@ -31,33 +52,13 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to gain elevated privileges during the installation of GarageBand"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213650",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213650"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand"
}
]
}
}

4
2023/28xxx/CVE-2023-28190.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data."
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to access user-sensitive data"
"value": "An app may be able to break out of its sandbox"
}
]
}

2
2023/28xxx/CVE-2023-28201.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved state management. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
},

2
2023/32xxx/CVE-2023-32354.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory."
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory."
}
]
},

62
2023/32xxx/CVE-2023-32375.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-32375",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may result in disclosure of process memory"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,21 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
@ -42,37 +52,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.apple.com/en-us/HT213758",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
"name": "https://support.apple.com/en-us/HT213758"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
"name": "https://support.apple.com/en-us/HT213759"
}
]
}

77
2023/32xxx/CVE-2023-32380.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-32380",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,32 +40,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
@ -53,42 +52,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.apple.com/en-us/HT213758",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may lead to arbitrary code execution"
"name": "https://support.apple.com/en-us/HT213760"
}
]
}

4
2023/32xxx/CVE-2023-32381.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges."
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
"value": "Processing web content may disclose sensitive information"
}
]
}

4
2023/32xxx/CVE-2023-32397.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system."
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}

4
2023/32xxx/CVE-2023-32400.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory."
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Entitlements and privacy permissions granted to this app may be used by a malicious app."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
"value": "Entitlements and privacy permissions granted to this app may be used by a malicious app"
}
]
}

4
2023/32xxx/CVE-2023-32416.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, watchOS 9.6, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to read sensitive location information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to read sensitive location information"
}
]
}

4
2023/32xxx/CVE-2023-32417.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features."
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5. An app may be able to disclose kernel memory."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features"
"value": "An app may be able to disclose kernel memory"
}
]
}

4
2023/32xxx/CVE-2023-32420.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory."
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
"value": "An app may be able to cause unexpected system termination or read kernel memory"
}
]
}

4
2023/32xxx/CVE-2023-32437.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improvements to the file handling protocol. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to break out of its sandbox."
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
"value": "Processing web content may disclose sensitive information"
}
]
}

4
2023/32xxx/CVE-2023-32441.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to execute arbitrary code with kernel privileges."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}

4
2023/32xxx/CVE-2023-32734.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}

4
2023/35xxx/CVE-2023-35983.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system."
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
"value": "Processing a file may lead to a denial-of-service or potentially disclose memory contents"
}
]
}

4
2023/35xxx/CVE-2023-35993.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to execute arbitrary code with kernel privileges."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}

4
2023/36xxx/CVE-2023-36854.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution."
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing a file may lead to unexpected app termination or arbitrary code execution"
"value": "Processing a file may lead to a denial-of-service or potentially disclose memory contents"
}
]
}

4
2023/36xxx/CVE-2023-36862.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user\u2019s current location."
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "An app may be able to determine a user\u2019s current location"
"value": "Processing web content may disclose sensitive information"
}
]
}

2
2023/38xxx/CVE-2023-38133.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.6. Processing web content may disclose sensitive information."
}
]
},

4
2023/38xxx/CVE-2023-38261.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}

4
2023/38xxx/CVE-2023-38564.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to modify protected parts of the file system"
}
]
}

4
2023/38xxx/CVE-2023-38572.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.6. A website may be able to bypass Same Origin Policy."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "A website may be able to bypass Same Origin Policy"
}
]
}

4
2023/38xxx/CVE-2023-38580.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, watchOS 9.6. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}

4
2023/38xxx/CVE-2023-38597.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution."
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing web content may disclose sensitive information."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may lead to arbitrary code execution"
"value": "Processing web content may disclose sensitive information"
}
]
}

4
2023/38xxx/CVE-2023-38600.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6, Safari 16.6. Processing web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "Processing web content may lead to arbitrary code execution"
}
]
}

4
2023/38xxx/CVE-2023-38611.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6, Safari 16.6. Processing web content may lead to arbitrary code execution."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
"value": "Processing web content may lead to arbitrary code execution"
}
]
}