DEBIAN-CVE-2023-42917
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 30 Nov 2023, 23:15
Last modified:17 Mar 2026, 02:43
Vulnerability Summary
Overall Risk (default)
medium
35/100 CVSS Score
8.8 HIGH
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
30 Nov 2023, 23:15
Published
Vulnerability first disclosed
17 Mar 2026, 02:43
Last Modified
Vulnerability information updated
Description
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
CVSS Metrics
- v3.1•HIGH•Score: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Systems
- debian•webkit2gtk
< 2.42.3-1~deb11u1 | < 2.42.3-1~deb12u1 | < 2.42.3-1 | < 2.42.3-1
- debian•wpewebkit
all | all | < 2.42.3-1 | < 2.42.3-1