CVE-2023-41993
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
| Software | From | Fixed in |
|---|---|---|
| apple / macos | - | 14.0 |
| fedoraproject / fedora | 38 | 38.x |
| fedoraproject / fedora | 39 | 39.x |
| fedoraproject / fedora | 37 | 37.x |
| debian / debian_linux | 11.0 | 11.0.x |
| debian / debian_linux | 12.0 | 12.0.x |
| apple / ipados | - | 17.0.1 |
| apple / iphone_os | - | 17.0.1 |
| oracle / jdk | 1.8.0-update401 | 1.8.0-update401.x |
| oracle / jre | 1.8.0-update401 | 1.8.0-update401.x |
| oracle / graalvm | 21.3.9 | 21.3.9.x |
| oracle / graalvm | 20.3.13 | 20.3.13.x |
| webkitgtk / webkitgtk+ | - | 2.42.2 |
- http://seclists.org/fulldisclosure/2023/Oct/2
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/4
- http://seclists.org/fulldisclosure/2023/Sep/13
- http://seclists.org/fulldisclosure/2023/Sep/14
- http://seclists.org/fulldisclosure/2023/Sep/15
- http://seclists.org/fulldisclosure/2023/Sep/19
- http://www.openwall.com/lists/oss-security/2023/09/28/3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ELXBV26Q54BIOVN5LBCJFM2G6VQZ7FO/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EYRHTFVN6FTXLZ27IPTNRSXKBAR2SOMA/
- https://security.gentoo.org/glsa/202401-33
- https://security.netapp.com/advisory/ntap-20240426-0004/
- https://support.apple.com/en-us/HT213926
- https://support.apple.com/en-us/HT213927
- https://support.apple.com/en-us/HT213930
- https://support.apple.com/en-us/HT213931
- https://support.apple.com/en-us/HT213940
- https://support.apple.com/en-us/HT213941
- https://support.apple.com/kb/HT213926
- https://support.apple.com/kb/HT213930
- https://webkitgtk.org/security/WSA-2023-0009.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41993
- https://www.debian.org/security/2023/dsa-5527
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime