CVE-2023-42875
Public on 2025-04-11
Modified on 2025-07-21
Description
Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling.
Re-evaluation requested: https://webkitgtk.org/security/WSA-2025-0004.html#CVE-2023-42875
From this advisory, it is clear that this vulnerability affects versions before 2.42.0. Marking as not affected
Re-evaluation requested: https://webkitgtk.org/security/WSA-2025-0004.html#CVE-2023-42875
From this advisory, it is clear that this vulnerability affects versions before 2.42.0. Marking as not affected
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | webkitgtk3 | No Fix Planned | ||
| Amazon Linux 2 - Core | webkitgtk4 | Not Affected |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| NVD | CVSSv3 | 7.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |