From f3723e2070be5c8f36c7138c769bd5ccfb84ef11 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 25 Oct 2023 19:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/8xxx/CVE-2017-8625.json | 10 +-- 2023/32xxx/CVE-2023-32359.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40401.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40404.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40405.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40408.json | 93 ++++++++++++++++++++++-- 2023/40xxx/CVE-2023-40413.json | 103 ++++++++++++++++++++++++-- 2023/40xxx/CVE-2023-40416.json | 86 ++++++++++++++++++++-- 2023/40xxx/CVE-2023-40421.json | 64 +++++++++++++++-- 2023/40xxx/CVE-2023-40423.json | 86 ++++++++++++++++++++-- 2023/40xxx/CVE-2023-40425.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40444.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40445.json | 54 ++++++++++++-- 2023/40xxx/CVE-2023-40447.json | 127 +++++++++++++++++++++++++++++++-- 2023/40xxx/CVE-2023-40449.json | 86 ++++++++++++++++++++-- 2023/41xxx/CVE-2023-41072.json | 71 ++++++++++++++++-- 2023/41xxx/CVE-2023-41077.json | 54 ++++++++++++-- 2023/41xxx/CVE-2023-41254.json | 98 +++++++++++++++++++++++-- 2023/41xxx/CVE-2023-41975.json | 64 +++++++++++++++-- 2023/41xxx/CVE-2023-41976.json | 127 +++++++++++++++++++++++++++++++-- 2023/41xxx/CVE-2023-41977.json | 71 ++++++++++++++++-- 2023/41xxx/CVE-2023-41982.json | 93 ++++++++++++++++++++++-- 2023/41xxx/CVE-2023-41983.json | 93 ++++++++++++++++++++++-- 2023/41xxx/CVE-2023-41988.json | 88 +++++++++++++++++++++-- 2023/41xxx/CVE-2023-41989.json | 54 ++++++++++++-- 2023/41xxx/CVE-2023-41997.json | 93 ++++++++++++++++++++++-- 2023/42xxx/CVE-2023-42438.json | 54 ++++++++++++-- 2023/42xxx/CVE-2023-42824.json | 17 +---- 2023/42xxx/CVE-2023-42841.json | 81 +++++++++++++++++++-- 2023/42xxx/CVE-2023-42842.json | 54 ++++++++++++-- 2023/42xxx/CVE-2023-42844.json | 64 +++++++++++++++-- 2023/42xxx/CVE-2023-42845.json | 71 ++++++++++++++++-- 2023/42xxx/CVE-2023-42846.json | 93 ++++++++++++++++++++++-- 2023/42xxx/CVE-2023-42847.json | 71 ++++++++++++++++-- 2023/42xxx/CVE-2023-42849.json | 103 ++++++++++++++++++++++++-- 2023/42xxx/CVE-2023-42850.json | 54 ++++++++++++-- 2023/42xxx/CVE-2023-42852.json | 127 +++++++++++++++++++++++++++++++-- 2023/42xxx/CVE-2023-42854.json | 64 +++++++++++++++-- 2023/42xxx/CVE-2023-42856.json | 64 +++++++++++++++-- 2023/42xxx/CVE-2023-42857.json | 71 ++++++++++++++++-- 2023/42xxx/CVE-2023-42861.json | 54 ++++++++++++-- 2023/46xxx/CVE-2023-46747.json | 18 +++++ 2023/46xxx/CVE-2023-46748.json | 18 +++++ 2023/46xxx/CVE-2023-46749.json | 18 +++++ 44 files changed, 2858 insertions(+), 177 deletions(-) create mode 100644 2023/46xxx/CVE-2023-46747.json create mode 100644 2023/46xxx/CVE-2023-46748.json create mode 100644 2023/46xxx/CVE-2023-46749.json diff --git a/2017/8xxx/CVE-2017-8625.json b/2017/8xxx/CVE-2017-8625.json index f754a48190e..15bcba4fcaa 100644 --- a/2017/8xxx/CVE-2017-8625.json +++ b/2017/8xxx/CVE-2017-8625.json @@ -58,11 +58,6 @@ "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625" }, - { - "name": "https://msitpros.com/?p=3909", - "refsource": "MISC", - "url": "https://msitpros.com/?p=3909" - }, { "name": "https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442", "refsource": "MISC", @@ -77,6 +72,11 @@ "name": "1039112", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039112" + }, + { + "refsource": "MISC", + "name": "https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/", + "url": "https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/" } ] } diff --git a/2023/32xxx/CVE-2023-32359.json b/2023/32xxx/CVE-2023-32359.json index 5b61f85aab7..19b28fa6aa4 100644 --- a/2023/32xxx/CVE-2023-32359.json +++ b/2023/32xxx/CVE-2023-32359.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32359", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's password may be read aloud by VoiceOver." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user's password may be read aloud by VoiceOver" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" } ] } diff --git a/2023/40xxx/CVE-2023-40401.json b/2023/40xxx/CVE-2023-40401.json index 7ff7ae66afb..add950d6869 100644 --- a/2023/40xxx/CVE-2023-40401.json +++ b/2023/40xxx/CVE-2023-40401.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40401", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.6.1. An attacker may be able to access passkeys without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to access passkeys without authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" } ] } diff --git a/2023/40xxx/CVE-2023-40404.json b/2023/40xxx/CVE-2023-40404.json index 9c4539745d4..d1f4873fe6c 100644 --- a/2023/40xxx/CVE-2023-40404.json +++ b/2023/40xxx/CVE-2023-40404.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40404", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/40xxx/CVE-2023-40405.json b/2023/40xxx/CVE-2023-40405.json index 673c4b0a53b..942fa0c18ef 100644 --- a/2023/40xxx/CVE-2023-40405.json +++ b/2023/40xxx/CVE-2023-40405.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40405", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1. An app may be able to read sensitive location information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read sensitive location information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/40xxx/CVE-2023-40408.json b/2023/40xxx/CVE-2023-40408.json index ec3e4f08da4..4d0bddecba3 100644 --- a/2023/40xxx/CVE-2023-40408.json +++ b/2023/40xxx/CVE-2023-40408.json @@ -1,17 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40408", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Hide My Email may be deactivated unexpectedly" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/40xxx/CVE-2023-40413.json b/2023/40xxx/CVE-2023-40413.json index 98e42d22334..8565822f1f4 100644 --- a/2023/40xxx/CVE-2023-40413.json +++ b/2023/40xxx/CVE-2023-40413.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40413", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read sensitive location information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/40xxx/CVE-2023-40416.json b/2023/40xxx/CVE-2023-40416.json index b59173acf52..31589a56664 100644 --- a/2023/40xxx/CVE-2023-40416.json +++ b/2023/40xxx/CVE-2023-40416.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40416", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing an image may result in disclosure of process memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/40xxx/CVE-2023-40421.json b/2023/40xxx/CVE-2023-40421.json index b980a97ffa6..395633232fa 100644 --- a/2023/40xxx/CVE-2023-40421.json +++ b/2023/40xxx/CVE-2023-40421.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40421", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/40xxx/CVE-2023-40423.json b/2023/40xxx/CVE-2023-40423.json index 0bdc9496b6c..ed3ea692911 100644 --- a/2023/40xxx/CVE-2023-40423.json +++ b/2023/40xxx/CVE-2023-40423.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40423", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/40xxx/CVE-2023-40425.json b/2023/40xxx/CVE-2023-40425.json index 997e8c630c4..e225d164b07 100644 --- a/2023/40xxx/CVE-2023-40425.json +++ b/2023/40xxx/CVE-2023-40425.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40425", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.7.1. An app with root privileges may be able to access private information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app with root privileges may be able to access private information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "12.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/40xxx/CVE-2023-40444.json b/2023/40xxx/CVE-2023-40444.json index 69f06640e05..28f5918733b 100644 --- a/2023/40xxx/CVE-2023-40444.json +++ b/2023/40xxx/CVE-2023-40444.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40444", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/40xxx/CVE-2023-40445.json b/2023/40xxx/CVE-2023-40445.json index 74c7041c10f..236511493cf 100644 --- a/2023/40xxx/CVE-2023-40445.json +++ b/2023/40xxx/CVE-2023-40445.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40445", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17.1. A device may persistently fail to lock." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A device may persistently fail to lock" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/40xxx/CVE-2023-40447.json b/2023/40xxx/CVE-2023-40447.json index 3f0bfd3b9b7..f6eaa94ab4d 100644 --- a/2023/40xxx/CVE-2023-40447.json +++ b/2023/40xxx/CVE-2023-40447.json @@ -1,17 +1,136 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40447", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213986", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213986" + }, + { + "url": "https://support.apple.com/en-us/HT213987", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213987" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/40xxx/CVE-2023-40449.json b/2023/40xxx/CVE-2023-40449.json index 8d701ed4c93..4da0a548977 100644 --- a/2023/40xxx/CVE-2023-40449.json +++ b/2023/40xxx/CVE-2023-40449.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40449", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to cause a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/41xxx/CVE-2023-41072.json b/2023/41xxx/CVE-2023-41072.json index 0f532e38907..3d3725a7cba 100644 --- a/2023/41xxx/CVE-2023-41072.json +++ b/2023/41xxx/CVE-2023-41072.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41072", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/41xxx/CVE-2023-41077.json b/2023/41xxx/CVE-2023-41077.json index 69dd79b9267..f1b39272890 100644 --- a/2023/41xxx/CVE-2023-41077.json +++ b/2023/41xxx/CVE-2023-41077.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41077", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.1. An app may be able to access protected user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access protected user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" } ] } diff --git a/2023/41xxx/CVE-2023-41254.json b/2023/41xxx/CVE-2023-41254.json index f78947c31ee..b7f904c0b83 100644 --- a/2023/41xxx/CVE-2023-41254.json +++ b/2023/41xxx/CVE-2023-41254.json @@ -1,17 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41254", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/41xxx/CVE-2023-41975.json b/2023/41xxx/CVE-2023-41975.json index 3761aed6a4a..4f4018918f8 100644 --- a/2023/41xxx/CVE-2023-41975.json +++ b/2023/41xxx/CVE-2023-41975.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41975", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access the microphone without the microphone use indicator being shown." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A website may be able to access the microphone without the microphone use indicator being shown" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/41xxx/CVE-2023-41976.json b/2023/41xxx/CVE-2023-41976.json index 7cb945e7452..66df47bcdae 100644 --- a/2023/41xxx/CVE-2023-41976.json +++ b/2023/41xxx/CVE-2023-41976.json @@ -1,17 +1,136 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41976", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213986", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213986" + }, + { + "url": "https://support.apple.com/en-us/HT213987", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213987" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/41xxx/CVE-2023-41977.json b/2023/41xxx/CVE-2023-41977.json index a313de7fd59..4482c321054 100644 --- a/2023/41xxx/CVE-2023-41977.json +++ b/2023/41xxx/CVE-2023-41977.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41977", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14.1, iOS 16.7.2 and iPadOS 16.7.2. Visiting a malicious website may reveal browsing history." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Visiting a malicious website may reveal browsing history" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/41xxx/CVE-2023-41982.json b/2023/41xxx/CVE-2023-41982.json index 6451625cc90..74832d81295 100644 --- a/2023/41xxx/CVE-2023-41982.json +++ b/2023/41xxx/CVE-2023-41982.json @@ -1,17 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41982", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker with physical access may be able to use Siri to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/41xxx/CVE-2023-41983.json b/2023/41xxx/CVE-2023-41983.json index e5af14af38f..d0914445a93 100644 --- a/2023/41xxx/CVE-2023-41983.json +++ b/2023/41xxx/CVE-2023-41983.json @@ -1,17 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41983", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213986", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213986" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/41xxx/CVE-2023-41988.json b/2023/41xxx/CVE-2023-41988.json index ba1e247eb2d..990c1c32103 100644 --- a/2023/41xxx/CVE-2023-41988.json +++ b/2023/41xxx/CVE-2023-41988.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41988", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker with physical access may be able to use Siri to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/41xxx/CVE-2023-41989.json b/2023/41xxx/CVE-2023-41989.json index 75644a797c5..c4b45b21ef4 100644 --- a/2023/41xxx/CVE-2023-41989.json +++ b/2023/41xxx/CVE-2023-41989.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41989", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to execute arbitrary code as root from the Lock Screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to execute arbitrary code as root from the Lock Screen" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/41xxx/CVE-2023-41997.json b/2023/41xxx/CVE-2023-41997.json index f84b456c997..87c775e2aaa 100644 --- a/2023/41xxx/CVE-2023-41997.json +++ b/2023/41xxx/CVE-2023-41997.json @@ -1,17 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-41997", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker with physical access may be able to use Siri to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42438.json b/2023/42xxx/CVE-2023-42438.json index dd42f5bf642..0323240b633 100644 --- a/2023/42xxx/CVE-2023-42438.json +++ b/2023/42xxx/CVE-2023-42438.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42438", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Visiting a malicious website may lead to user interface spoofing" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/42xxx/CVE-2023-42824.json b/2023/42xxx/CVE-2023-42824.json index 8b3b3b10f00..68ae20f557a 100644 --- a/2023/42xxx/CVE-2023-42824.json +++ b/2023/42xxx/CVE-2023-42824.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3, iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6." } ] }, @@ -58,21 +58,6 @@ "url": "https://support.apple.com/en-us/HT213972", "refsource": "MISC", "name": "https://support.apple.com/en-us/HT213972" - }, - { - "url": "https://support.apple.com/en-us/HT213961", - "refsource": "MISC", - "name": "https://support.apple.com/en-us/HT213961" - }, - { - "url": "https://support.apple.com/kb/HT213972", - "refsource": "MISC", - "name": "https://support.apple.com/kb/HT213972" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Oct/16", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2023/Oct/16" } ] } diff --git a/2023/42xxx/CVE-2023-42841.json b/2023/42xxx/CVE-2023-42841.json index 83769b36e58..39de1c741e0 100644 --- a/2023/42xxx/CVE-2023-42841.json +++ b/2023/42xxx/CVE-2023-42841.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42841", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42842.json b/2023/42xxx/CVE-2023-42842.json index bc43dfd282b..3f0366d3daa 100644 --- a/2023/42xxx/CVE-2023-42842.json +++ b/2023/42xxx/CVE-2023-42842.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42842", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/42xxx/CVE-2023-42844.json b/2023/42xxx/CVE-2023-42844.json index b417a803ef1..dae2cde5c5a 100644 --- a/2023/42xxx/CVE-2023-42844.json +++ b/2023/42xxx/CVE-2023-42844.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42844", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A website may be able to access sensitive user data when resolving symlinks" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/42xxx/CVE-2023-42845.json b/2023/42xxx/CVE-2023-42845.json index 9093929af16..52138fd5e34 100644 --- a/2023/42xxx/CVE-2023-42845.json +++ b/2023/42xxx/CVE-2023-42845.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42845", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. Photos in the Hidden Photos Album may be viewed without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Photos in the Hidden Photos Album may be viewed without authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42846.json b/2023/42xxx/CVE-2023-42846.json index 907b334ddda..e65fe922901 100644 --- a/2023/42xxx/CVE-2023-42846.json +++ b/2023/42xxx/CVE-2023-42846.json @@ -1,17 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42846", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A device may be passively tracked by its Wi-Fi MAC address" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213987", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213987" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42847.json b/2023/42xxx/CVE-2023-42847.json index fa27284bace..39507285c3e 100644 --- a/2023/42xxx/CVE-2023-42847.json +++ b/2023/42xxx/CVE-2023-42847.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42847", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to access passkeys without authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42849.json b/2023/42xxx/CVE-2023-42849.json index 40b6e5c99a5..89d53931ad8 100644 --- a/2023/42xxx/CVE-2023-42849.json +++ b/2023/42xxx/CVE-2023-42849.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42849", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/42xxx/CVE-2023-42850.json b/2023/42xxx/CVE-2023-42850.json index 7be2d7bf981..88f6eb3b78b 100644 --- a/2023/42xxx/CVE-2023-42850.json +++ b/2023/42xxx/CVE-2023-42850.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42850", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/42xxx/CVE-2023-42852.json b/2023/42xxx/CVE-2023-42852.json index d07c18fd69a..3641b5a8d25 100644 --- a/2023/42xxx/CVE-2023-42852.json +++ b/2023/42xxx/CVE-2023-42852.json @@ -1,17 +1,136 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42852", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213981", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213981" + }, + { + "url": "https://support.apple.com/en-us/HT213986", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213986" + }, + { + "url": "https://support.apple.com/en-us/HT213987", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213987" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213988" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42854.json b/2023/42xxx/CVE-2023-42854.json index 8b33f04cee3..5c4642cc6f6 100644 --- a/2023/42xxx/CVE-2023-42854.json +++ b/2023/42xxx/CVE-2023-42854.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42854", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause a denial-of-service to Endpoint Security clients" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/42xxx/CVE-2023-42856.json b/2023/42xxx/CVE-2023-42856.json index bfe314341f9..00eea758859 100644 --- a/2023/42xxx/CVE-2023-42856.json +++ b/2023/42xxx/CVE-2023-42856.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42856", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a file may lead to unexpected app termination or arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213985" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213983" } ] } diff --git a/2023/42xxx/CVE-2023-42857.json b/2023/42xxx/CVE-2023-42857.json index 53f2f9da9f4..4f619e2c3a9 100644 --- a/2023/42xxx/CVE-2023-42857.json +++ b/2023/42xxx/CVE-2023-42857.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42857", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213982" } ] } diff --git a/2023/42xxx/CVE-2023-42861.json b/2023/42xxx/CVE-2023-42861.json index 03b112869c3..5c0308a9ba5 100644 --- a/2023/42xxx/CVE-2023-42861.json +++ b/2023/42xxx/CVE-2023-42861.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42861", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213984", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213984" } ] } diff --git a/2023/46xxx/CVE-2023-46747.json b/2023/46xxx/CVE-2023-46747.json new file mode 100644 index 00000000000..fd7d25c64e3 --- /dev/null +++ b/2023/46xxx/CVE-2023-46747.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46747", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46748.json b/2023/46xxx/CVE-2023-46748.json new file mode 100644 index 00000000000..f96a716fc2a --- /dev/null +++ b/2023/46xxx/CVE-2023-46748.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46748", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46749.json b/2023/46xxx/CVE-2023-46749.json new file mode 100644 index 00000000000..7a073ed8271 --- /dev/null +++ b/2023/46xxx/CVE-2023-46749.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46749", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file