CVE-2023-41074
Summary
| CVE | CVE-2023-41074 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-09-27 15:19:00 UTC |
| Updated | 2024-01-31 15:15:00 UTC |
| Description | The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Ipados | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Operating System | Apple | Macos | All | All | All | All |
| Application | Apple | Safari | All | All | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
| Operating System | Debian | Debian Linux | 11.0 | All | All | All |
| Operating System | Debian | Debian Linux | 12.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 37 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Full Disclosure: APPLE-SA-09-26-2023-2 macOS Sonoma 14 | MISC | seclists.org | |
| WebKitGTK+: Multiple Vulnerabilities (GLSA 202401-33) — Gentoo security | security.gentoo.org | ||
| Full Disclosure: APPLE-SA-09-26-2023-1 Safari 17 | MISC | seclists.org | |
| oss-security - WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009 | MISC | www.openwall.com | |
| Debian -- Security Information -- DSA-5527-1 webkit2gtk | MISC | www.debian.org | |
| Full Disclosure: APPLE-SA-09-26-2023-9 tvOS 17 | MISC | seclists.org | |
| [SECURITY] Fedora 37 Update: webkitgtk-2.42.1-1.fc37 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| Full Disclosure: APPLE-SA-09-26-2023-8 watchOS 10 | MISC | seclists.org | |
| About the security content of watchOS 10 - Apple Support | MISC | support.apple.com | |
| About the security content of tvOS 17 - Apple Support | MISC | support.apple.com | |
| About the security content of iOS 17 and iPadOS 17 - Apple Support | MISC | support.apple.com | |
| Full Disclosure: APPLE-SA-09-26-2023-7 iOS 17 and iPadOS 17 | MISC | seclists.org | |
| About the security content of macOS Sonoma 14 - Apple Support | MISC | support.apple.com | |
| support.apple.com/en-us/HT213941 | MISC | support.apple.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 199822 Ubuntu Security Notification for WebKitGTK Vulnerabilities (USN-6426-1)
- 284627 Fedora Security Update for webkitgtk (FEDORA-2023-1536766e9f)
- 357018 Amazon Linux Security Advisory for webkitgtk4 : ALAS2-2024-2427
- 378902 Apple Safari Multiple Vulnerabilities (HT213941)
- 6000292 Debian Security Update for webkit2gtk (DSA 5527-1)
- 610525 Apple iOS 17 and iPadOS 17 Security Update Missing (HT213938)
- 710848 Gentoo Linux WebKitGTK+ Multiple Vulnerabilities (GLSA 202401-33)
- 755164 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:4211-1)
- 755166 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:4209-1)
- 755202 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:4294-1)
- 755555 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2024:0004-1)
- 755556 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2024:0003-1)
- 755557 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2024:0002-1)