{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-28198", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2023-03-13T18:37:25.757Z", "datePublished": "2023-08-14T22:40:37.966Z", "dateUpdated": "2025-02-13T16:48:32.183Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing web content may lead to arbitrary code execution"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "13.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "16.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution."}], "references": [{"url": "https://support.apple.com/en-us/HT213670"}, {"url": "https://support.apple.com/en-us/HT213676"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/11/1"}, {"url": "https://security.gentoo.org/glsa/202401-04"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-01-05T14:06:22.923Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:30:24.616Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213670", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213676", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/11/1", "tags": ["x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202401-04", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE", "versionEndExcluding": "16.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87", "versionEndExcluding": "16.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96", "versionEndExcluding": "13.3", "versionStartIncluding": "13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*", "matchCriteriaId": "A007F029-38D8-4D0D-8DF2-A2F6CB9ADE60", "versionEndExcluding": "2.40.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C1E75F9-1855-4668-8E78-2A6F0F4FCBA1", "versionEndExcluding": "2.40.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution."}, {"lang": "es", "value": "Se ha solucionado un problema de use-after-free con una mejora en la gesti\u00f3n de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. El procesamiento de contenido web puede dar lugar a la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2023-28198", "lastModified": "2024-11-21T07:54:34.807", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-14T23:15:10.830", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/09/11/1"}, {"source": "product-security@apple.com", "url": "https://security.gentoo.org/glsa/202401-04"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213670"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213676"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/09/11/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202401-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213676"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:4202", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.38.5-1.el8_8.5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-07-18T00:00:00Z"}, {"advisory": "RHSA-2023:7055", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.40.5-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-11-14T00:00:00Z"}, {"advisory": "RHSA-2023:4201", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "webkit2gtk3-0:2.38.5-1.el9_2.3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-07-18T00:00:00Z"}, {"advisory": "RHSA-2023:6535", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "webkit2gtk3-0:2.40.5-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-11-07T00:00:00Z"}], "bugzilla": {"description": "webkitgtk: use after free vulnerability", "id": "2238943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238943"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.", "A vulnerability was found in WebKit. When processing web content, it may lead to arbitrary code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-28198", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "webkitgtk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "webkitgtk3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "webkitgtk4", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2023-09-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-28198\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-28198\nhttps://webkitgtk.org/security/WSA-2023-0008.html"], "statement": "This flaw is being rated as 'Moderate' as the WebKitGTK package is shipped as a dependency for the Gnome package. Additionally, Red Hat Enterprise Linux doesn't ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.", "threat_severity": "Moderate"}