CVE-2023-43000

Summary

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13.5affected
AppleiOS and iPadOSunspecified < 16.6affected
AppleSafariunspecified < 16.6affected
AppleiOS and iPadOSunspecified < 15.8.7affected

Weaknesses

  • Processing maliciously crafted web content may lead to memory corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:

  • Exploitation: none

    • Automatable: no
    • Technical Impact: total
  • SSVC:

  • Exploitation: active

    • Automatable: no
    • Technical Impact: total

Additional References

References