CVE-2023-38572

Published: Jul 27, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy.

Affected (8)

Products: Apple: Ipados, Iphone Os, Macos, Safari, Tvos, Watchos

6 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 15.7.8
Apple Ipados	From 16.0 to 16.6
Apple Iphone Os	Before 15.7.8
Apple Iphone Os	From 16.0 to 16.6
Apple Macos	From 13.0 to 13.5
Apple Safari	Before 16.6
Apple Tvos	Before 16.6
Apple Watchos	Before 9.6

References (22)

http://www.openwall.com/lists/oss-security/2023/08/02/1

Source: product-security@apple.com

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJ4DG5LHWG2INDOTPB7MO4JVJN6LKL3M/

Source: product-security@apple.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/

Source: product-security@apple.com

https://security.gentoo.org/glsa/202401-04

Source: product-security@apple.com

https://support.apple.com/en-us/HT213841

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213842

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213843

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213846

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213847

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213848

Source: product-security@apple.com

Vendor Advisory

https://www.debian.org/security/2023/dsa-5468

Source: product-security@apple.com

http://www.openwall.com/lists/oss-security/2023/08/02/1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJ4DG5LHWG2INDOTPB7MO4JVJN6LKL3M/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/202401-04

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/en-us/HT213841

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213842

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213843

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213846

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213847

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213848

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.debian.org/security/2023/dsa-5468

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.