nvd-json-data-feeds/CVE-2023/CVE-2023-419xx/CVE-2023-41991.json

{
  "id": "CVE-2023-41991",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2023-09-21T19:15:11.283",
  "lastModified": "2023-09-22T01:25:45.750",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS 17.0.1 and iPadOS 17.0.1, watchOS 9.6.3, macOS Ventura 13.6, watchOS 10.0.1. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://support.apple.com/en-us/HT213926",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://support.apple.com/en-us/HT213927",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://support.apple.com/en-us/HT213928",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://support.apple.com/en-us/HT213929",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://support.apple.com/en-us/HT213931",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://support.apple.com/kb/HT213926",
      "source": "product-security@apple.com"
    }
  ]
}
Auto-Update: 2023-09-21T20:00:24.924457+00:00 2023-09-21 20:00:28 +00:00			`{`
			`"id": "CVE-2023-41991",`
			`"sourceIdentifier": "product-security@apple.com",`
			`"published": "2023-09-21T19:15:11.283",`
Auto-Update: 2023-09-22T02:00:24.866060+00:00 2023-09-22 02:00:28 +00:00			`"lastModified": "2023-09-22T01:25:45.750",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2023-09-21T20:00:24.924457+00:00 2023-09-21 20:00:28 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS 17.0.1 and iPadOS 17.0.1, watchOS 9.6.3, macOS Ventura 13.6, watchOS 10.0.1. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."`
			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://support.apple.com/en-us/HT213926",`
			`"source": "product-security@apple.com"`
			`},`
			`{`
			`"url": "https://support.apple.com/en-us/HT213927",`
			`"source": "product-security@apple.com"`
			`},`
			`{`
			`"url": "https://support.apple.com/en-us/HT213928",`
			`"source": "product-security@apple.com"`
			`},`
			`{`
			`"url": "https://support.apple.com/en-us/HT213929",`
			`"source": "product-security@apple.com"`
			`},`
			`{`
			`"url": "https://support.apple.com/en-us/HT213931",`
			`"source": "product-security@apple.com"`
Auto-Update: 2023-09-21T22:00:24.060387+00:00 2023-09-21 22:00:27 +00:00			`},`
			`{`
			`"url": "https://support.apple.com/kb/HT213926",`
			`"source": "product-security@apple.com"`
Auto-Update: 2023-09-21T20:00:24.924457+00:00 2023-09-21 20:00:28 +00:00			`}`
			`]`
			`}`