- Description
- An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
Data from CISA
- Vulnerability name
- Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability
- Exploit added on
- May 22, 2023
- Exploit action due
- Jun 12, 2023
- Required action
- Apply updates per vendor instructions.
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21B2F081-D602-4C84-8343-6327B23176D1",
"versionEndExcluding": "16.5"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706",
"versionEndExcluding": "15.7.6"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E",
"versionEndExcluding": "16.5",
"versionStartIncluding": "16.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D",
"versionEndExcluding": "15.7.6"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC",
"versionEndExcluding": "16.5",
"versionStartIncluding": "16.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B",
"versionEndExcluding": "13.4",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9",
"versionEndExcluding": "16.5"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C",
"versionEndExcluding": "9.5"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C7F88F0-0092-4338-A52F-1A2ED27460B5",
"versionEndExcluding": "2.42.3"
}
],
"operator": "OR"
}
]
}
]