CVE-2023-42970
Public on 2025-04-11
Modified on 2025-07-21
Description
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution.
Re-evaluation requested: https://webkitgtk.org/security/WSA-2025-0004.html#CVE-2023-42970
From this advisory, it is clear that this vulnerability affects versions before 2.42.0. Marking as not affected
Re-evaluation requested: https://webkitgtk.org/security/WSA-2025-0004.html#CVE-2023-42970
From this advisory, it is clear that this vulnerability affects versions before 2.42.0. Marking as not affected
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | webkitgtk3 | No Fix Planned | ||
| Amazon Linux 2 - Core | webkitgtk4 | Not Affected |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| NVD | CVSSv3 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |