admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json
René Helmke c95412b6ba Auto-Update: 2023-05-12T14:00:24.295716+00:00
2023-05-16 16:11:40 +02:00

137 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-28205",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-04-10T19:15:07.237",
"lastModified": "2023-05-12T12:15:09.467",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-04-10",
"cisaActionDue": "2023-05-01",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apple Multiple Products WebKit Use-After-Free Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4.1",
"matchCriteriaId": "22BA2E4E-2C6C-47A8-810E-A67D1E8ABA88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.5",
"matchCriteriaId": "968ADFDD-5716-4F75-BCA2-DD8486ED9618"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4.1",
"matchCriteriaId": "8C1711DE-4691-42B7-8661-51B11C3E5B98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.5",
"matchCriteriaId": "CE26F1A4-8813-40E4-B939-AFC1F75953CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4.1",
"matchCriteriaId": "96B6C1F1-6F18-43F9-83B6-58A214525B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.3.1",
"matchCriteriaId": "39C8733E-1512-47A9-BC06-73276A0EFAF7"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213720",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213721",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213722",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213723",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink