The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption.
History

Mon, 09 Dec 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipad Os
Apple iphone Os
Apple macos
Apple tvos
Apple watchos
Weaknesses CWE-787
CPEs cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipad Os
Apple iphone Os
Apple macos
Apple tvos
Apple watchos

Mon, 26 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-122
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-02-21T06:42:02.006Z

Updated: 2024-08-26T15:09:19.798Z

Reserved: 2023-09-14T19:05:11.450Z

Link: CVE-2023-42848

cve-icon Vulnrichment

Updated: 2024-08-02T19:30:24.828Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-21T07:15:49.113

Modified: 2024-12-09T17:26:04.510

Link: CVE-2023-42848

cve-icon Redhat

No data.