CVE-2023-42875
Public on 2025-04-11
Modified on 2025-05-19
Description
Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling.
Severity
Important
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | webkitgtk3 | No Fix Planned | ||
| Amazon Linux 2 - Core | webkitgtk4 | Pending Fix |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| NVD | CVSSv3 | 7.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |