ByteOS Network

NVD Vulnerability Details :

CVE-2023-32373

Analyzed

Source-product-security@apple.com

View Known Exploited Vulnerability (KEV) details

Published At-23 Jun, 2023 | 18:15

Updated At-23 Oct, 2025 | 18:48

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2023-05-22	2023-06-12	Apple Multiple Products WebKit Use-After-Free Vulnerability	Apply updates per vendor instructions.

Date Added: 2023-05-22

Due Date: 2023-06-12

Vulnerability Name: Apple Multiple Products WebKit Use-After-Free Vulnerability

Required Action: Apply updates per vendor instructions.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CPE Matches

Apple Inc.

>>safari>>Versions before 16.5(exclusive)

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Apple Inc.

>>ipados>>Versions before 15.7.6(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Apple Inc.

>>ipados>>Versions from 16.0(inclusive) to 16.5(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>Versions from 15.0(inclusive) to 15.7.6(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>Versions from 16.0(inclusive) to 16.5(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>Versions before 13.4(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Apple Inc.

>>tvos>>Versions before 16.5(exclusive)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Apple Inc.

>>watchos>>Versions before 9.5(exclusive)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>6.0

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>7.0

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>8.0

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>9.0

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

webkitgtk>>webkitgtk\+>>Versions before 2.42.3(exclusive)

cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-416	Primary	nvd@nist.gov
CWE-416	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-416

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-416

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://security.gentoo.org/glsa/202401-04	product-security@apple.com	Third Party Advisory
https://support.apple.com/en-us/HT213757	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213758	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213761	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213762	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213764	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213765	product-security@apple.com	Release Notes Vendor Advisory
https://security.gentoo.org/glsa/202401-04	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://support.apple.com/en-us/HT213757	af854a3a-2127-422b-91ae-364da2661108	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213758	af854a3a-2127-422b-91ae-364da2661108	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213761	af854a3a-2127-422b-91ae-364da2661108	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213762	af854a3a-2127-422b-91ae-364da2661108	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213764	af854a3a-2127-422b-91ae-364da2661108	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213765	af854a3a-2127-422b-91ae-364da2661108	Release Notes Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-32373	134c704f-9b21-4f2e-91b3-4a467353bcc0	US Government Resource