๐Ÿ” CVE Alert

CVE-2023-42916

MEDIUM 6.5 โš ๏ธ CISA KEV
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.

Vendor apple
Product safari
Ecosystems
Industries
Technology
Published Nov 30, 2023
Last Updated Oct 21, 2025
โš ๏ธ Actively Exploited โ€” Act Now

Get instant alerts for apple safari

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2023-42916.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Apple / Safari
unspecified < 17.1
Apple / macOS
unspecified < 14.1
Apple / iOS and iPadOS
unspecified < 17.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
support.apple.com: https://support.apple.com/en-us/HT214033 support.apple.com: https://support.apple.com/en-us/HT214032 support.apple.com: https://support.apple.com/en-us/HT214031 support.apple.com: https://support.apple.com/kb/HT214033 openwall.com: http://www.openwall.com/lists/oss-security/2023/12/05/1 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ support.apple.com: https://support.apple.com/kb/HT214034 debian.org: https://www.debian.org/security/2023/dsa-5575 seclists.org: http://seclists.org/fulldisclosure/2023/Dec/3 seclists.org: http://seclists.org/fulldisclosure/2023/Dec/4 seclists.org: http://seclists.org/fulldisclosure/2023/Dec/5 seclists.org: http://seclists.org/fulldisclosure/2023/Dec/8 seclists.org: http://seclists.org/fulldisclosure/2023/Dec/13 seclists.org: http://seclists.org/fulldisclosure/2023/Dec/12 security.gentoo.org: https://security.gentoo.org/glsa/202401-04 support.apple.com: https://support.apple.com/kb/HT214062 seclists.org: http://seclists.org/fulldisclosure/2024/Jan/35 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-42916