CVE-2023-28198

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.

Published: Aug 15, 2023
Updated: Aug 20, 2023
CVE: CVE-2023-28198
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
apple / macos	13.0	13.3
apple / iphone_os	-	16.4
apple / ipados	-	16.4
wpewebkit / wpe_webkit	-	2.40.1
webkitgtk / webkitgtk	-	2.40.1

http://www.openwall.com/lists/oss-security/2023/09/11/1
https://security.gentoo.org/glsa/202401-04
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213676

Vulnerability Database

289,599

CVE-2023-28198