CVE-2023-42875

CVE Database · CVE-2023-42875

CVE-2023-42875

· HIGHAnalyzed

CVSS v3.1

7.3

EPSS

0.41%

Published

Apr 11, 2025

Modified

Apr 25, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Weaknesses (CWE)

CWE-94

Affected Products (6)

apple · safari (up to 17.0)vulnerable

apple · ipados (up to 17.0)vulnerable

apple · iphone_os (up to 17.0)vulnerable

apple · macos (up to 14.0)vulnerable

apple · tvos (up to 17.0)vulnerable

apple · watchos (up to 10.0)vulnerable

References (5)

https://support.apple.com/en-us/120330

Release NotesVendor Advisory

https://support.apple.com/en-us/120947

Release NotesVendor Advisory

https://support.apple.com/en-us/120948

Release NotesVendor Advisory

https://support.apple.com/en-us/120949

Release NotesVendor Advisory

https://support.apple.com/en-us/120950

Release NotesVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs